mirror of https://github.com/OpenVidu/openvidu.git
openvidu-server: fix multiple CVEs in dependencies
- Jackson (CVE-2025-52999, PRISMA-2023-0067): upgraded `jackson-core` and `jackson-databind` from `2.14.0` to `2.19.2` - Apache HttpClient (CVE-2020-13956): upgraded `httpclient` from `4.5.12` to `4.5.14`. - Netty (CVE-2025-58057, CVE-2025-58056): upgraded `netty-codec-http` and `netty-codec-compression` from `4.2.4.Final` to `4.2.7.Final`.v2
pabloFuente
parent
da7f92d707
commit
5921eef20a
|
|
@ -212,6 +212,36 @@
|
|||
</profile>
|
||||
</profiles>
|
||||
|
||||
<dependencyManagement>
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-core</artifactId>
|
||||
<version>2.19.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
<version>2.19.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
<version>4.5.14</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec-http</artifactId>
|
||||
<version>4.2.7.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec-compression</artifactId>
|
||||
<version>4.2.7.Final</version>
|
||||
</dependency>
|
||||
</dependencies>
|
||||
</dependencyManagement>
|
||||
|
||||
<dependencies>
|
||||
<dependency>
|
||||
<groupId>org.kurento</groupId>
|
||||
|
|
@ -336,6 +366,33 @@
|
|||
<version>${version.jackson-annotations}</version>
|
||||
</dependency>
|
||||
|
||||
<!-- CVE Fixes -->
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-core</artifactId>
|
||||
<version>2.19.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>com.fasterxml.jackson.core</groupId>
|
||||
<artifactId>jackson-databind</artifactId>
|
||||
<version>2.19.2</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>org.apache.httpcomponents</groupId>
|
||||
<artifactId>httpclient</artifactId>
|
||||
<version>4.5.14</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec-http</artifactId>
|
||||
<version>4.2.7.Final</version>
|
||||
</dependency>
|
||||
<dependency>
|
||||
<groupId>io.netty</groupId>
|
||||
<artifactId>netty-codec-compression</artifactId>
|
||||
<version>4.2.7.Final</version>
|
||||
</dependency>
|
||||
|
||||
|
||||
<!-- Test dependencies -->
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue