Fix s360 vulnerability for json dependency on v0.21
All Submissions:
What is the issue or story related to the change?
"risk": HIGH, "vuln_id": 995571, "vuln_name": Java (Maven) Security Update for org.json:json (GHSA-rm7j-f5g5-27vv), "cve": [CVE-2023-5072,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072],
"VulnerabilityId": 995935, "VulnerabilityName": Java (Maven) Security Update for org.json:json (GHSA-4jq9-2xhw-jpx7), "CVEs": [CVE-2023-5072,http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5072]
Change details:
Test coverage:
Does this introduce a breaking change?
- [YES/NO]
Pending items
Reviewer request
- Please provide an ETA when you plan to review this MR. Write a comment to decline or provide an ETA.
- Block the MR if you feel there is less testing or no details in the MR
- Please cover the following aspects in the MR -- Coding design: <Reviewer1> -- Backward Compatibility: <Reviewer2> -- Feature Logic: <Logic design> -- <Any other context mention here> OR -- <Component 1>: <Reviewer1> -- <CosmosDB>: <Reviewer2> -- <ServiceBus> <Reviewer3> -- <Mention any other component and owner>
Other information
Edited by Christophe Mongin