Outdated Google API Client library leads to vulnerabilities

**Describe the bug**
Version 1.35.2 of the Google API Client is vulnerable to the following CVEs due to dependencies it uses:

- [CVE-2022-3510 ](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3510)
- [CVE-2022-3509](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3509)
- [CVE-2022-3171](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3171)

The latest version (2.2.0) is not vulnerable. 

**To Reproduce**

Include flank in a build that checks for CVE issues in dependencies. See a failure do to the above CVEs. 

**Expected behavior**
Flank does not introduce security vulnerabilities in projects that use it. 

**Details**

Refer to [Versions.kt](https://github.com/Flank/flank/blob/master/buildSrc/src/main/kotlin/Versions.kt#L35) to see that Flank is using an outdated version of `GOOGLE_API`.






Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Outdated Google API Client library leads to vulnerabilities #2372

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Outdated Google API Client library leads to vulnerabilities #2372

Description

Metadata

Metadata

Assignees

Labels

Type

Fields

Projects

Milestone

Relationships

Development

Issue actions