Snyk: snowflake-ingest-java org.bouncycastle:bcprov-jdk18on 1.78 | Snyk ID - SNYK-JAVA-ORGBOUNCYCASTLE-6277381 #743
Comments
|
We already upgraded to 1.7.8, but the CVE is not updated to indicate that is the fixed version: |
|
This problem has no released version that solves it, including the latest 1.78 that solved some other issues. |
|
The problem is fixed in 1.78 and 1.78.1. It is going to be a while before any CVEs are updated, Mitre is currently having internal issues, apparently due to a data breach, our last request for a CVE-ID for the 1.78 release is still pending, that's over 3 weeks now. CVE-2024-30171 will be updated to show 1.78 as the fix release. |
|
Fixed in #752 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Title: Snyk: snowflake-ingest-java org.bouncycastle:bcprov-jdk18on 1.78
Additional information on Snyk can be found here: https://snyk.io/org/snowflakedb-sca-scanning-public-repo/project/decdb8fe-6a6d-465d-9e89-84aa34efb781
Repo: snowflake-ingest-java
CVE:
Package Type: java
Package Name: org.bouncycastle:bcprov-jdk18on
Package Version: 1.78
Snyk ID: SNYK-JAVA-ORGBOUNCYCASTLE-6277381
Vulnerability URL: http://security.snyk.io/vuln/SNYK-JAVA-ORGBOUNCYCASTLE-6277381
Severity: medium
Introduced Date: 2024-03-04
Projects with Vulnerability: snowflakedb/snowflake-ingest-java:pom.xml
Target File: pom.xml
JIRA Ticket: https://snowflakecomputing.atlassian.net/browse/SNOW-1334457
The text was updated successfully, but these errors were encountered: