Fix CVE

Upgrade com.github.spotbugs:[email protected] to com.github.spotbugs:[email protected] to fix ✗ Out-of-bounds Write [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEBCEL-3106013] in org.apache.bcel:[email protected] introduced by com.github.spotbugs:[email protected] > org.apache.bcel:[email protected] Upgrade io.sentry:[email protected] to io.sentry:[email protected] to fix Upgrade org.hibernate:[email protected] to org.hibernate:[email protected] to fix Upgrade org.json:json@20230227 to org.json:json@20231013 to fix ✗ Allocation of Resources Without Limits or Throttling (new) [High Severity][https://security.snyk.io/vuln/SNYK-JAVA-ORGJSON-5962464] in org.json:json@20230227 introduced by org.json:json@20230227
mapfish · Oct 23, 2023 · 60bc9dd · 60bc9dd
1 parent b0b6585
commit 60bc9dd
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 2 deletions.
diff --git a/build.gradle b/build.gradle
@@ -26,7 +26,7 @@ allprojects {
     version = '1.0.0'
     ext.junitVersion = "4.13.2"
     ext.groovyVersion = "3.0.19"
-    ext.spotbugsVersion = '4.5.3'
+    ext.spotbugsVersion = '4.8.0'
     ext.jasperreportVersion = "6.20.5"
 
     apply plugin: 'org.owasp.dependencycheck'

diff --git a/core/build.gradle b/core/build.gradle
@@ -179,7 +179,7 @@ dependencies {
             "org.slf4j:jul-to-slf4j:${slf4jVersion}",
             "ch.qos.logback:logback-classic:${logbackVersion}",
             "ch.qos.logback:logback-access:${logbackVersion}",
-            'org.json:json:20230227',
+            'org.json:json:20231013',
             'org.yaml:snakeyaml:2.0',
             'com.github.spullara.cli-parser:cli-parser:1.1.6',
             'org.apache.httpcomponents:httpclient:4.5.14',