Skip to content

[🍒][PLUGIN-1918] [PLUGIN-1904] [PLUGIN-1907] Fix: Vulnerability issues due to commons-lang3, org.json and logback-classic #330

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
sgarg-CS merged 1 commit into from
Aug 13, 2025
Merged

[🍒][PLUGIN-1918] [PLUGIN-1904] [PLUGIN-1907] Fix: Vulnerability issues due to commons-lang3, org.json and logback-classic #330

sgarg-CS merged 1 commit into from
Aug 13, 2025

Conversation

@sgarg-CS
Copy link
Contributor

@sgarg-CS sgarg-CS commented Aug 12, 2025
edited by atlassian bot
Loading

[🍒]

🍒 [cherrypick]

Commits:

PR:

JIRA:

Description:

  • PLUGIN-1918: This PR upgrades the version of commons-lang3 library from v3.8.1 to v3.18.0 thereby fixing the vulnerability: CVE-2025-48924 present in the older version.

  • PLUGIN-1904: This PR upgrades the version of org.json library from v20180813 to v20231013 along with minimal code changes for handling the value conversion from BigDecimal type to double type, thereby fixing the vulnerabilities: CVE-2022-45688 and CVE-2023-5072 present in the older version.

  • PLUGIN-1907: This PR upgrades the version of logback-classic library from v1.2.8 to v1.2.13 thereby fixing the vulnerability: CVE-2023-6378 present in the older version.

@sgarg-CS
[PLUGIN-1918] [PLUGIN-1907] [PLUGIN-1904] CVE Fix for commons-lang3, …
015f134 
…logback-classic and org.json

Upgrade commons-lang3 from v3.8.1 to v3.18.0, logback-classic from v1.2.8 to v1.2.13 and org.json from v20180813 to v20231013
@sgarg-CS sgarg-CS added the build label Aug 12, 2025
@sgarg-CS sgarg-CS changed the title [PLUGIN-1918] [PLUGIN-1907] [PLUGIN-1904] Fix Vulnerability issues due to commons-lang3, org.json and logback-classic [PLUGIN-1918] [PLUGIN-1904] [PLUGIN-1907] Fix: Vulnerability issues due to commons-lang3, org.json and logback-classic Aug 12, 2025
@sgarg-CS sgarg-CS marked this pull request as ready for review August 12, 2025 16:12
MrRahulSharma
MrRahulSharma approved these changes Aug 13, 2025
View reviewed changes
Copy link
Contributor

@MrRahulSharma MrRahulSharma left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM

@sgarg-CS sgarg-CS changed the title [PLUGIN-1918] [PLUGIN-1904] [PLUGIN-1907] Fix: Vulnerability issues due to commons-lang3, org.json and logback-classic [🍒][PLUGIN-1918] [PLUGIN-1904] [PLUGIN-1907] Fix: Vulnerability issues due to commons-lang3, org.json and logback-classic Aug 13, 2025
@sgarg-CS sgarg-CS merged commit 0bfb30c into data-integrations:release/1.6 Aug 13, 2025
7 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MrRahulSharma MrRahulSharma MrRahulSharma approved these changes

@minurajeeve minurajeeve Awaiting requested review from minurajeeve

Assignees

No one assigned

Labels

build

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sgarg-CS @MrRahulSharma