You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I just saw that the dependencies spring-cloud-services-starter-config-client and spring-cloud-dataflow-rest-client provide spring-security-oauth2-client in version 5.7.3 but Spring Boot 2.7.6 provides spring-security-oauth2-client 5.7.5
Release versions:
2.10.0
Custom apps:
Steps to reproduce:
Just checkout the project and see the dependency graph.
Screenshots:
Additional context:
As a workaround we excluded spring-security-oauth2-client from those dependency and added it in the right version.
The text was updated successfully, but these errors were encountered:
Description:
Due to the CVE
cve-2022-31690
(https://tanzu.vmware.com/security/cve-2022-31690) we just wanted to upgrade to SCDF 2.10.0.I just saw that the dependencies
spring-cloud-services-starter-config-client
andspring-cloud-dataflow-rest-client
providespring-security-oauth2-client
in version5.7.3
but Spring Boot 2.7.6 provides spring-security-oauth2-client5.7.5
Release versions:
2.10.0
Custom apps:
Steps to reproduce:
Just checkout the project and see the dependency graph.
Screenshots:
Additional context:
As a workaround we excluded
spring-security-oauth2-client
from those dependency and added it in the right version.The text was updated successfully, but these errors were encountered: