Fix CVE

Upgrade com.github.spotbugs:[email protected] to com.github.spotbugs:[email protected] to fix ✗ Out-of-bounds Write [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEBCEL-3106013] in org.apache.bcel:[email protected] introduced by com.github.spotbugs:[email protected] > org.apache.bcel:[email protected] Upgrade io.sentry:[email protected] to io.sentry:[email protected] to fix Upgrade org.hibernate:[email protected] to org.hibernate:[email protected] to fix Upgrade org.json:json@20230227 to org.json:json@20231013 to fix ✗ Allocation of Resources Without Limits or Throttling (new) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGJSON-5962464] in org.json:json@20230227 introduced by org.json:json@20230227
mapfish · Oct 23, 2023 · 451782f · 451782f
1 parent d0d17fc
commit 451782f
Showing 1 changed file with 2 additions and 2 deletions.
diff --git a/core/build.gradle b/core/build.gradle
@@ -168,7 +168,7 @@ dependencies {
             "org.slf4j:jul-to-slf4j:2.0.9",
             "ch.qos.logback:logback-classic:1.3.11",
             "ch.qos.logback:logback-access:1.3.11",
-            'org.json:json:20230227',
+            'org.json:json:20231013',
             'org.yaml:snakeyaml:2.0',
             'com.github.spullara.cli-parser:cli-parser:1.1.6',
             'org.apache.httpcomponents:httpclient:4.5.14',
@@ -196,7 +196,7 @@ dependencies {
     )
 
     providedCompile('javax.servlet:javax.servlet-api:4.0.1')
-    compileOnly "com.github.spotbugs:spotbugs-annotations:4.7.3"
+    compileOnly "com.github.spotbugs:spotbugs-annotations:4.8.0"
 
     testCompile group: 'de.saly', name: 'javamail-mock2-fullmock', version: '0.5-beta4'
 }