Remove json-smart dependency that has reported severe CVE-2021-27568
Issue #353
duplicate
Remove json-smart that is not maintened anymore
Comments (2)
-
-
- changed status to duplicate
Duplicate of
#347. - Log in to comment
Looks like this vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2021-27568 had been fixed by json-smart: https://github.com/netplex/json-smart-v2/issues/60
Please, create a PR for the fix: https://bitbucket.org/rloyko/oauth-2.0-sdk-with-openid-connect-extensions/src/4d79e73ccfd9aac1b364151a94c80a1bb18d7c8a/pom.xml#lines-73