From 45b6e22fef406a41774d16500a043e6481abe28a Mon Sep 17 00:00:00 2001 From: Marek Novotny Date: Tue, 12 Sep 2023 18:43:45 +0200 Subject: [PATCH] [GH-15750] Upgrade json-smart to Address CVE-2023-1370 in Main Standalone Jar --- h2o-assemblies/main/build.gradle | 3 +++ 1 file changed, 3 insertions(+) diff --git a/h2o-assemblies/main/build.gradle b/h2o-assemblies/main/build.gradle index ec63f9c00e73..b0579aa4b1b0 100644 --- a/h2o-assemblies/main/build.gradle +++ b/h2o-assemblies/main/build.gradle @@ -51,6 +51,9 @@ dependencies { api('com.fasterxml.jackson.core:jackson-databind:2.13.4.2') { because 'Fixes CVE-2022-42003' } + api('net.minidev:json-smart:2.4.10') { + because 'Fixes CVE-2023-1370' + } api('com.google.guava:guava:32.0.1-jre') { because 'Fixes CVE-2023-2976' because 'Fixes CVE-2020-8908'