Skip to content

Commit 92d07c2

Browse files
shahir-alishahir145
shahir-ali
and
shahir145
authored
CCD-5950: (#159)
Fix CVE-2024-38820, upgraded springSecurity and ext['spring-security.version'] from 5.8.10 to 5.8.15 Co-authored-by: shahirali <[email protected]>
1 parent 601fafd commit 92d07c2

File tree

2 files changed

+3
-5
lines changed

2 files changed

+3
-5
lines changed

build.gradle

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -168,13 +168,13 @@ ext {
168168
junitJupiterVersion = '5.9.3'
169169
junitVintageVersion = '5.9.3'
170170
powermockVersion = '2.0.9'
171-
springSecurity = '5.8.10'
171+
springSecurity = '5.8.15'
172172
springCloudVersion = '2021.0.7'
173173
}
174174

175175
ext['jackson.version'] = '2.15.3'
176176
ext['snakeyaml.version'] = '2.0'
177-
ext['spring-security.version'] = '5.8.10'
177+
ext['spring-security.version'] = '5.8.15'
178178

179179
dependencies {
180180
//implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.37.2' //Fix for CVE-2023-52428

config/owasp/suppressions.xml

Lines changed: 1 addition & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -6,12 +6,10 @@
66
CVE-2023-35116 refer [Ticket]
77
CVE-2023-6481 refer [Ticket]
88
CVE-2023-6481 refer [Ticket]
9-
10-
CVE-2024-38820 refer [Ticket]</notes>
9+
</notes>
1110
<cve>CVE-2023-34055</cve>
1211
<cve>CVE-2023-6378</cve>
1312
<cve>CVE-2023-35116</cve>
1413
<cve>CVE-2023-6481</cve>
15-
<cve>CVE-2024-38820</cve>
1614
</suppress>
1715
</suppressions>

0 commit comments

Comments
 (0)