Manage org.json:json dependency to ensure consistent version (#20104)

Earlier versions include a DoS vulnerability, so we want to ensure we are using a fixed version. Refs https://github.com/Graylog2/graylog2-server/security/dependabot/131
Graylog2 · Aug 7, 2024 · 510090e · 510090e
1 parent 356d252
commit 510090e
Showing 1 changed file with 6 additions and 0 deletions.
diff --git a/pom.xml b/pom.xml
@@ -144,6 +144,7 @@
         <jmte.version>7.0.3</jmte.version>
         <joda-time.version>2.12.7</joda-time.version>
         <jool.version>0.9.15</jool.version>
+        <json-org.version>20240303</json-org.version>
         <json-path.version>2.9.0</json-path.version>
         <kafka.version>3.8.0</kafka.version>
         <kafka09.version>0.9.0.1-7</kafka09.version>
@@ -344,6 +345,11 @@
                 <artifactId>snakeyaml</artifactId>
                 <version>${snakeyaml.version}</version>
             </dependency>
+            <dependency>
+                <groupId>org.json</groupId>
+                <artifactId>json</artifactId>
+                <version>${json-org.version}</version>
+            </dependency>
             <dependency>
                 <groupId>io.jsonwebtoken</groupId>
                 <artifactId>jjwt-api</artifactId>