Upgrade transitive dependency protobuf-java to fix security vulnerability #1440
Labels
kind/bug
Some behavior is incorrect or out of spec
needs-triage
Needs attention from the triage team
What happened?
IntelliJ reports that Pulumi 0.16.1 depends on a vulnerable version of protobuf-java: https://osv.dev/vulnerability/GHSA-735f-pc8j-v9w8
Example
N/A
Output of
pulumi about
N/A
Additional context
No response
Contributing
Vote on this issue by adding a 👍 reaction.
To contribute a fix for this issue, leave a comment (and link to your pull request, if you've opened one already).
The text was updated successfully, but these errors were encountered: