Upstox Latest JAVA SDK has multiple CVE. Will they get fixed?
It is concerning to use the SDK of financial related Company to have so many CVE unfixed.
Kindly consider opening an issue here as well GitHub - upstox/upstox-java: Official Java SDK for accessing Upstox API . pom.xml is using old versions of packages that might be causing maven to report multiple CVEs.