[CALCITE-6229] Upgrade json-path version to 2.9.0 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 1.37.0
Component/s: None
Labels:
- pull-request-available

Description

There is a CVE: https://osv.dev/vulnerability/GHSA-pfh2-hfmq-phg5

Probably not critical for most users since it would be strange for unsanitized user input to make it into the JSON parser through Calcite, but should be easy to patch.

Attachments

Issue Links

links to

GitHub Pull Request #3651

Activity

People

Assignee:: Unassigned

Reporter:: Will Noble

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 26/Jan/24 00:19

Updated:: 06/May/24 22:19

Resolved:: 26/Jan/24 03:32