How to fix vulnerability CVE-2024-25638, CVE-2010-3700 & CVE-2023-50868 from dnsjava:dnsjava v3.5.2?

Java SDK
1

HI Team !

I have noticed a new vulnerability - CVE-2024-25638, CVE-2010-3700 & CVE-2023-50868 which is reported for dnsjava:dnsjava v3.5.2. This is a transitive dependency of com.couchbase.client:core-io v2.7.1. Will there be a new version of com.couchbase.client:core-io released with dnsjava:dnsjava v3.6.0 ?

2

Yes. A new version to be released this week.

3

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.