io.github.comet-crypto:lib (>=0.2 <=0.2.3), io.socket:socket.io-server (>=3.0.0 <=3.0.1) potentially affected by CVE-2022-25867 via io.socket:socket.io-client (=2.0.0)
io.socket:socket.io-client MAVEN version =2.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on io.socket:socket.io-client and may be impacted: - io.github.comet-crypto:lib =0.2, =3.0.0, =3.0.1 Source cves: CVE-2022-25867 Source advisory:...