jrjackson icon indicating copy to clipboard operation
jrjackson copied to clipboard

Published 20 hours ago verified publisher icon guyboertje

Update after gson upgrade.

Open mashhurs opened this issue 1 year ago • 0 comments

Description

After gson upgrade, jrjackson needs to catch new version of gson to solve CVE-2022-25647. Reported issue: https://github.com/avsej/gson.rb/issues/10

Current 0.6.1 version internally uses lib/gson-2.2.2.jar which is CVE-2022-25647 eligible. gson needs to include at least gson-2.8.9 to be CVEs free.

mashhurs avatar Jun 29 '23 21:06 mashhurs