CVE-2023-33201 transitive vulnerable dependency

Question

Closed this issue 7 months ago · 1 comments

Checkmarx warns that this library has transitive dependency with security issue

This vulnerability exists in org.bouncycastle:bcprov-jdk18on version 1.73
https://devhub.checkmarx.com/cve-details/CVE-2023-33201/

I've noticed that bcprov-jdk18on library already has newer versions without that vulnerability, so updating library should solve this issue.
https://mvnrepository.com/artifact/org.bouncycastle/bcprov-jdk18on

Answer 1 · 2024-05-27T08:25:24.000Z

Fixed, closing issue