Joost Klitsie
08/08/2022, 9:13 AMroom-compiler-processing-2.4.3.jar (pkg:maven/androidx.room/room-compiler-processing@2.4.3, cpe:2.3:a:processing:processing:2.4.3:*:*:*:*:*:*:*) : CVE-2018-1000840
symbol-processing-1.7.10-1.0.6.jar (pkg:maven/com.google.devtools.ksp/symbol-processing@1.7.10-1.0.6, cpe:2.3:a:processing:processing:1.7.10.1:*:*:*:*:*:*:*) : CVE-2018-1000840
symbol-processing-api-1.7.10-1.0.6.jar (pkg:maven/com.google.devtools.ksp/symbol-processing-api@1.7.10-1.0.6, cpe:2.3:a:processing:processing:1.7.10.1:*:*:*:*:*:*:*) : CVE-2018-1000840
Am I correct that we can safely ignore this? I assume the generated code will not be affected by this. (we are building an Android application so we care mostly about runtime safety)Jiaxiang
08/08/2022, 4:43 PM