akka-stream-alpakka-ftp has a transitive dependency eddsa having vulnerability CVE-2020-36843 #3426
Description
akka-stream-alpakka-ftp has a transitive dependency eddsa having vulnerability CVE-2020-36843
We are currently using
com.lightbend.akka:akka-stream-alpakka-ftp_2.13:2.0.2
But i see that the latest available version is also impacted with this vulnerability
https://mvnrepository.com/artifact/com.lightbend.akka/akka-stream-alpakka-ftp_3/9.0.2
Wanted to check if we can get a patched version of "com.lightbend.akka:akka-stream-alpakka-ftp_2.13:2.0.2" with this vulnerability fix as upgrading to a higher version would require a lot of effort
Let me know if more details are required. Will update accordingly