Skip to content

Commit

Permalink
Require json-path 2.9.0 to fix CVE-2023-51074. Resolves opensearch-pr…
Browse files Browse the repository at this point in the history
…oject#3919. (opensearch-project#4132)

Signed-off-by: David Venable <[email protected]>
  • Loading branch information
dlvenable authored Feb 15, 2024
1 parent 18cb6c9 commit 838744c
Showing 1 changed file with 6 additions and 0 deletions.
6 changes: 6 additions & 0 deletions build.gradle
Original file line number Diff line number Diff line change
Expand Up @@ -194,6 +194,12 @@ subprojects {
}
because 'CVE from transitive dependencies'
}
implementation('com.jayway.jsonpath:json-path') {
version {
require '2.9.0'
}
because 'Fixes CVE-2023-51074 from transitive dependencies'
}
implementation('org.bitbucket.b_c:jose4j') {
version {
require '0.9.3'
Expand Down

0 comments on commit 838744c

Please sign in to comment.