From 12a66429cc7e9807e123ba90af6a8ef961cb7ad0 Mon Sep 17 00:00:00 2001
From: "James Burke (IDAM)" <james.burke@hmcts.net>
Date: Fri, 20 Oct 2023 09:55:01 +0100
Subject: [PATCH] cve

---
 build.gradle | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/build.gradle b/build.gradle
index b4e68d431..523eb67ce 100644
--- a/build.gradle
+++ b/build.gradle
@@ -215,6 +215,13 @@ dependencies {
   // CVE fix
   implementation 'org.yaml:snakeyaml:2.2'
 
+  implementation 'org.json:json'
+  constraints {
+    implementation('org.json:json:20231013') {
+      because 'CVE-2023-5072'
+    }
+  }
+
   compileOnly group: 'org.projectlombok', name: 'lombok'
   annotationProcessor group: 'org.projectlombok', name: 'lombok'