icu4j vulnerability
elzibubble opened this issue · 1 comments
elzibubble commented
[com.walmartlabs/lacinia "1.1"]
[clj-antlr "0.2.10"]
[org.antlr/antlr4 "4.9.2"]
[com.ibm.icu/icu4j "61.1"]
This version of icu4j has CVE-2020-21913 against it. Antlr 4.9.3 has merged an update: antlr/antlr4#3261
clj-antlr 0.2.12 uses Antlr 4.9.3; please would you update?