google/timesketch

Outdated depedency google-auth 1.7.0 installs rsa 4.0 dependency which contains a vulnerability

Closed this issue · 0 comments

Outdated depedency google-auth 1.7.0 installs rsa 4.0 dependency which contains vulnerability (https://www.cvedetails.com/cve/CVE-2020-13757/) on it.

Update google-auth to 2.32.0 to install newer version of rsa and fix the vulnerability.