From 94aaed1bf9835a849e64a9ad5dea04930a2f0574 Mon Sep 17 00:00:00 2001 From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com> Date: Fri, 3 Jan 2025 05:00:43 +0000 Subject: [PATCH] chore: Bump com.nimbusds:nimbus-jose-jwt from 9.48 to 10.0 in /backend Bumps [com.nimbusds:nimbus-jose-jwt](https://bitbucket.org/connect2id/nimbus-jose-jwt) from 9.48 to 10.0. - [Changelog](https://bitbucket.org/connect2id/nimbus-jose-jwt/src/master/CHANGELOG.txt) - [Commits](https://bitbucket.org/connect2id/nimbus-jose-jwt/branches/compare/10.0..9.48) --- updated-dependencies: - dependency-name: com.nimbusds:nimbus-jose-jwt dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] --- backend/build.gradle | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/backend/build.gradle b/backend/build.gradle index 5857f71d..ac35ae09 100644 --- a/backend/build.gradle +++ b/backend/build.gradle @@ -40,7 +40,7 @@ dependencies { implementation "org.springframework.boot:spring-boot-starter-cache" implementation "org.springframework.boot:spring-boot-starter-actuator" implementation "org.springframework.boot:spring-boot-starter-oauth2-client" - implementation "com.nimbusds:nimbus-jose-jwt:9.48" // Explicit version to fix CVE-2023-52428 + implementation "com.nimbusds:nimbus-jose-jwt:10.0" // Explicit version to fix CVE-2023-52428 implementation "com.fasterxml.uuid:java-uuid-generator:${javaUuidGeneratorVersion}" implementation "net.logstash.logback:logstash-logback-encoder:${logstashVersion}" implementation "com.github.ben-manes.caffeine:caffeine:${caffeineVersion}"