Remo Liechti created SLING-12268:
------------------------------------
Summary: Fix CVE-2022-47937
Key: SLING-12268
URL: https://issues.apache.org/jira/browse/SLING-12268
Project: Sling
Issue Type: Bug
Components: Commons
Reporter: Remo Liechti
Current version of apache commons json is affected by
[https://nvd.nist.gov/vuln/detail/CVE-2022-47937]
Due to the relicenced base library ([https://github.com/stleary/JSON-java)],
that now uses the 'public domain', the fix of that CVE is as simple as
migrating to the latest codebase of said library.
Along this, it would be beneficial to perform some side activities, such as the
upgrade to the latest parent pom and junit5.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
