Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

json-path 2.9.0, guava 33.0.0-jre fixing vulns

Description

Upgrade json-path from 2.8.0 to 2.9.0 fixing Buffer Overflow: https://nvd.nist.gov/vuln/detail/CVE-2023-51074
generate-marc-utils' code doesn't use the affected method.

Upgrade guava from 30.1-jre to 33.0.0-jre fixing Information Disclosure: https://nvd.nist.gov/vuln/detail/CVE-2020-8908 , https://nvd.nist.gov/vuln/detail/CVE-2023-2976
generate-marc-utils' code doesn't use the affected method.

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:
Done

Details

Assignee

Reporter

Labels

Priority

Story Points

Sprint

Development Team

Firebird

Fix versions

RCA Group

Related dependency upgrade

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs

Created January 22, 2024 at 2:47 PM
Updated March 19, 2024 at 11:41 AM
Resolved February 22, 2024 at 3:01 PM
TestRail: Cases
TestRail: Runs