eclipse-tractusx · paullatzelsperger · Jul 11, 2023 · Jul 11, 2023 · Jul 11, 2023
diff --git a/DEPENDENCIES b/DEPENDENCIES
@@ -209,9 +209,9 @@ maven/mavencentral/net.java.dev.jna/jna-platform/5.13.0, Apache-2.0 OR LGPL-2.1-
 maven/mavencentral/net.java.dev.jna/jna-platform/5.6.0, Apache-2.0 OR LGPL-2.1-or-later, approved, CQ22390
 maven/mavencentral/net.java.dev.jna/jna/5.12.1, Apache-2.0 OR LGPL-2.1-or-later, approved, #3217
 maven/mavencentral/net.java.dev.jna/jna/5.13.0, Apache-2.0 AND LGPL-2.1-or-later, approved, #6709
-maven/mavencentral/net.minidev/accessors-smart/2.4.11, Apache-2.0, approved, #7515
+maven/mavencentral/net.minidev/accessors-smart/2.5.0, , restricted, clearlydefined
 maven/mavencentral/net.minidev/json-smart/2.4.10, Apache-2.0, approved, #3288
-maven/mavencentral/net.minidev/json-smart/2.4.11, Apache-2.0, approved, #3288
+maven/mavencentral/net.minidev/json-smart/2.5.0, , restricted, clearlydefined
 maven/mavencentral/net.sf.saxon/Saxon-HE/10.6, MPL-2.0 AND W3C, approved, #7945
 maven/mavencentral/org.antlr/antlr4-runtime/4.9.3, BSD-3-Clause, approved, #322
 maven/mavencentral/org.apache.commons/commons-compress/1.23.0, Apache-2.0 AND BSD-3-Clause, approved, #7506

diff --git a/build.gradle.kts b/build.gradle.kts
@@ -71,7 +71,7 @@ allprojects {
             implementation("org.yaml:snakeyaml:2.0") {
                 because("version 1.33 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-1471.")
             }
-            implementation("net.minidev:json-smart:2.4.11") {
+            implementation("net.minidev:json-smart:2.5.0") {
                 because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.")
             }
         }

diff --git a/edc-dataplane/edc-dataplane-azure-vault/build.gradle.kts b/edc-dataplane/edc-dataplane-azure-vault/build.gradle.kts
@@ -27,7 +27,7 @@ dependencies {
     implementation(project(":edc-dataplane:edc-dataplane-base"))
     implementation(libs.edc.azure.vault)
     constraints {
-        implementation("net.minidev:json-smart:2.4.11") {
+        implementation("net.minidev:json-smart:2.5.0") {
             because("version 2.4.8 has vulnerabilities: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1370.")
         }
     }