In the dependency tree of azure-cosmos:3.4.0 is commons-beanutils:commons-beanutils:jar:1.9.2 (through commons-validator:commons-validator:jar:1.6).
commons-beanutils in version 1.9.2 has the following vulnerability:
https://nvd.nist.gov/vuln/detail/CVE-2019-10086
Could you update the dependency-tree such that the vulnerability is not part of it anymore?
In the dependency tree of
azure-cosmos:3.4.0iscommons-beanutils:commons-beanutils:jar:1.9.2(throughcommons-validator:commons-validator:jar:1.6).commons-beanutilsin version 1.9.2 has the following vulnerability:https://nvd.nist.gov/vuln/detail/CVE-2019-10086
Could you update the dependency-tree such that the vulnerability is not part of it anymore?