search

luposlip / json-schema

Clojure library JSON Schema validation and generation - Draft-07 compatible
Apache License 2.0
72 stars 7 forks source link

Update JSON-java to tackle CVE-2023-5072 #15

Closed speque closed 1 year ago

speque commented 1 year ago

Hello, and thank you for your library!

Could you consider updating org.json/json library to version 20231013, the versions before that one include this vulnerability https://nvd.nist.gov/vuln/detail/CVE-2023-5072

luposlip commented 1 year ago

Thanks for your ticket! I plan to fix this within the week.

luposlip commented 1 year ago

Closed with newest release: https://github.com/luposlip/json-schema/releases/tag/v0.4.2

luposlip commented 1 year ago

FYI @speque

speque commented 1 year ago

Thank you!