New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Upgrade json-smart to 2.4.1 or newer #712

Closed

bond- opened this issue May 19, 2021 · 2 comments

bond- commented May 19, 2021

Caught the following in our security scans:

LIBRARY	VULNERABILITY ID	SEVERITY	INSTALLED VERSION	FIXED VERSION	TITLE
net.minidev:json-smart	CVE-2021-27568	CRITICAL	2.3	2.4.1	json-smart: uncaught
				exception may lead to crash
				or information disclosure
				-->avd.aquasec.com/nvd/cve-2021-27568

bond- changed the title ~~Upgrade json-smart to 2..4.1 or newer~~ Upgrade json-smart to 2.4.1 or newer

Author

bond- commented May 19, 2021 •

edited

Seems to be a duplicate of #687, #676, #608

Contributor

kallestenflo commented Jun 2, 2021

Fixed by #716

kallestenflo closed this as completed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment