[
https://issues.apache.org/jira/browse/CAMEL-19695?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17750337#comment-17750337
]
Nicolas Filotto commented on CAMEL-19695:
-----------------------------------------
Related PRs:
* https://github.com/apache/camel/pull/10964 for 3.20
* https://github.com/apache/camel/pull/10966 for 3.21
* https://github.com/apache/camel/pull/10967 for 3.22
> camel-google-bigquery - Upgrade org.json to resolve CVE-2022-45688
> ------------------------------------------------------------------
>
> Key: CAMEL-19695
> URL: https://issues.apache.org/jira/browse/CAMEL-19695
> Project: Camel
> Issue Type: Dependency upgrade
> Components: camel-google-bigquery
> Affects Versions: 3.20.6, 3.21.0
> Reporter: Nicolas Filotto
> Assignee: Nicolas Filotto
> Priority: Major
> Fix For: 3.20.7, 3.21.1, 3.22.0
>
>
> The component {{camel-google-bigquery}} indirectly depends on
> {{org.json:json:jar:20200518:compile}} which has a know CVE
> https://nvd.nist.gov/vuln/detail/CVE-2022-45688 that can be fixed by
> upgrading it to {{20230227}} or higher.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
