Description
Feign client feign-okhttp version is outdated (10.12, latest 13.5) which makes it vulnerable to CVE-2023-3635.
openapi-generator version
latest - v7.12.0, also in latest master
Generation Details
Use library: feign when running openapi-generator-cli. Produced code will always depend on feign-okhttp v10.12, leading to a transitive dependency of okio-jvm-2.6.0, which is vulnerable to CVE-2023-3635.
Suggest a fix
Bump version. Will open PR to resolve.
Description
Feign client feign-okhttp version is outdated (10.12, latest 13.5) which makes it vulnerable to CVE-2023-3635.
openapi-generator version
latest - v7.12.0, also in latest master
Generation Details
Use library: feign when running openapi-generator-cli. Produced code will always depend on feign-okhttp v10.12, leading to a transitive dependency of okio-jvm-2.6.0, which is vulnerable to CVE-2023-3635.
Suggest a fix
Bump version. Will open PR to resolve.