Skip to content

Commit

Permalink
Upgrade JSON to 20231013 to fix CVE-2023-5072 (opensearch-project#912)
Browse files Browse the repository at this point in the history
Signed-off-by: Derek Ho <[email protected]>
  • Loading branch information
derek-ho authored Oct 16, 2023
1 parent 66346de commit b68990f
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -174,7 +174,7 @@ dependencies {
implementation "org.jetbrains.kotlinx:kotlinx-coroutines-core:1.3.9"
implementation "${group}:common-utils:${common_utils_version}"
compileOnly "${group}:opensearch-job-scheduler-spi:${job_scheduler_version}"
implementation "org.json:json:20230227"
implementation "org.json:json:20231013"
implementation group: 'com.github.wnameless.json', name: 'json-flattener', version: '0.15.1'
// json-base, jackson-databind, jackson-annotations are transitive dependencies by json-flattener
implementation group: 'com.github.wnameless.json', name: 'json-base', version: '2.2.1'
Expand Down

0 comments on commit b68990f

Please sign in to comment.