From ed0369ac7167f3c7ce2e0c754a623c1340f5a064 Mon Sep 17 00:00:00 2001 From: Frederico Alves Date: Fri, 12 May 2023 10:34:47 +0100 Subject: [PATCH] Address CVE-2023-1370 Change oauth2-oidc-sdk to 9.43.2 --- dependencies/spring-security-dependencies.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dependencies/spring-security-dependencies.gradle b/dependencies/spring-security-dependencies.gradle index 0fec32511b..a9e39f37c5 100644 --- a/dependencies/spring-security-dependencies.gradle +++ b/dependencies/spring-security-dependencies.gradle @@ -20,7 +20,7 @@ dependencies { api "ch.qos.logback:logback-classic:1.2.12" api "com.google.inject:guice:3.0" api "com.nimbusds:nimbus-jose-jwt:9.24.4" - api "com.nimbusds:oauth2-oidc-sdk:10.7.1" + api "com.nimbusds:oauth2-oidc-sdk:9.43.2" api "com.squareup.okhttp3:mockwebserver:3.14.9" api "com.squareup.okhttp3:okhttp:3.14.9" api "com.unboundid:unboundid-ldapsdk:4.0.14"