[SOLR-16402] Update GSON dependency for CVE 2022-24657 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 9.1, main (10.0)
Component/s: None
Labels:
None

Description

There is a CVE against GSON 2.8.9: https://nvd.nist.gov/vuln/detail/CVE-2022-25647

It may or may not impact Solr, but if we can update to 2.9.0 or higher, then it might be worth it to do so.

Attachments

Issue Links

links to

GitHub Pull Request #998

Activity

People

Assignee:: Kevin Risden

Reporter:: Cassandra Targett

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Sep/22 15:44

Updated:: 25/Jan/23 16:15

Resolved:: 07/Sep/22 22:14

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

10m