-
Notifications
You must be signed in to change notification settings - Fork 1
Expand file tree
/
Copy pathbuild.gradle
More file actions
22 lines (19 loc) · 1.17 KB
/
build.gradle
File metadata and controls
22 lines (19 loc) · 1.17 KB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
apply from: "${rootDir}/gradle/publish-module.gradle"
dependencies {
api project(':openapi-validation-api')
implementation(libs.swagger.request.validator.core)
implementation(libs.javax.mail) // needed as otherwise ClassNotFoundException: javax.mail.internet.AddressException
constraints {
implementation(libs.commons.codec) {
because 'Apache commons-codec before 1.13 is vulnerable to information exposure. See https://devhub.checkmarx.com/cve-details/Cxeb68d52e-5509/'
}
implementation('org.mozilla:rhino:1.9.1') {
because 'CVE-2025-66453: Rhino before 1.9.1 has high CPU usage and potential DoS when passing specific numbers to toFixed() function. See https://github.com/mozilla/rhino/security/advisories/GHSA-3w8q-xq97-5j7x'
}
// implementation('org.yaml:snakeyaml:1.33') {
// because 'Vulnerability in 1.33 is not yet fixed. See: https://bitbucket.org/snakeyaml/snakeyaml/issues/561/cve-2022-1471-vulnerability-in' +
// 'https://devhub.checkmarx.com/cve-details/CVE-2022-41854/' +
// 'https://devhub.checkmarx.com/cve-details/CVE-2022-1471/'
// }
}
}