Update json-path to 2.9.0

Fixes #5643
spring-cloud · Jan 23, 2024 · 4a6863c · 4a6863c
1 parent 777c773
commit 4a6863c
Show file tree

Hide file tree

Showing 4 changed files with 23 additions and 1 deletion.
diff --git a/spring-cloud-dataflow-build/pom.xml b/spring-cloud-dataflow-build/pom.xml
@@ -33,7 +33,7 @@
 		<revision>${project.version}</revision>
 		<asciidoctorj.version>2.5.7</asciidoctorj.version>
 		<jruby-complete.version>9.2.7.0</jruby-complete.version>
-
+		<json-path.version>2.9.0</json-path.version> <!-- CVE-2023-51074 -->
 		<!-- Sonar -->
 		<sonar.java.coveragePlugin>jacoco</sonar.java.coveragePlugin>
 		<sonar.dynamicAnalysis>reuseReports</sonar.dynamicAnalysis>
@@ -100,6 +100,11 @@
 				<type>pom</type>
 				<scope>import</scope>
 			</dependency>
+			<dependency>
+				<groupId>com.jayway.jsonpath</groupId>
+				<artifactId>json-path</artifactId>
+				<version>${json-path.version}</version>
+			</dependency>
 		</dependencies>
 	</dependencyManagement>
 	<dependencies>

diff --git a/spring-cloud-dataflow-common/pom.xml b/spring-cloud-dataflow-common/pom.xml
@@ -21,6 +21,7 @@
 		<jayway-awaitility.version>1.7.0</jayway-awaitility.version>
 		<java-semver.version>0.9.0</java-semver.version>
 		<joda-time.version>2.10.6</joda-time.version>
+		<json-path.version>2.9.0</json-path.version>
 	</properties>
 
 	<modules>
@@ -48,6 +49,11 @@
 				<artifactId>joda-time</artifactId>
 				<version>${joda-time.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>com.jayway.jsonpath</groupId>
+				<artifactId>json-path</artifactId>
+				<version>${json-path.version}</version>
+			</dependency>
 		</dependencies>
 	</dependencyManagement>
 	<build>

diff --git a/spring-cloud-dataflow-parent/pom.xml b/spring-cloud-dataflow-parent/pom.xml
@@ -54,6 +54,7 @@
 		<jackson-bom.version>2.13.5</jackson-bom.version>
 		<guava.version>32.1.3-jre</guava.version>
 		<logback.version>1.2.13</logback.version>
+		<json-path.version>2.9.0</json-path.version> <!-- CVE-2023-51074 -->
 	</properties>
 	<dependencyManagement>
 		<dependencies>
@@ -109,6 +110,11 @@
 				<artifactId>jettison</artifactId>
 				<version>${jettison.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>com.jayway.jsonpath</groupId>
+				<artifactId>json-path</artifactId>
+				<version>${json-path.version}</version>
+			</dependency>
 			<dependency>
 				<groupId>org.springframework.security</groupId>
 				<artifactId>spring-security-oauth2-client</artifactId>

diff --git a/spring-cloud-skipper/pom.xml b/spring-cloud-skipper/pom.xml
@@ -227,6 +227,11 @@
 				<artifactId>commons-compress</artifactId>
 				<version>${commons-compress.version}</version>
 			</dependency>
+			<dependency>
+				<groupId>com.jayway.jsonpath</groupId>
+				<artifactId>json-path</artifactId>
+				<version>${json-path.version}</version>
+			</dependency>
 		</dependencies>
 	</dependencyManagement>
 	<build>