From eca0fa6346c2d605780195da64b624249e8302fa Mon Sep 17 00:00:00 2001
From: TomForniCGI <Tom.Forni@HMCTS.NET>
Date: Thu, 23 May 2024 17:03:11 +0100
Subject: [PATCH] CVE Fix

---
 build.gradle                  | 4 ++--
 config/owasp/suppressions.xml | 2 --
 2 files changed, 2 insertions(+), 4 deletions(-)

diff --git a/build.gradle b/build.gradle
index ad14af338..76a0d3007 100644
--- a/build.gradle
+++ b/build.gradle
@@ -294,11 +294,11 @@ dependencies {
   implementation group: 'io.springfox', name: 'springfox-boot-starter', version: versions.springfoxSwagger
   implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-openfeign', version: versions.springCloud
 
-  implementation group: 'net.minidev', name: 'json-smart', version: '2.4.7'
+  implementation group: 'net.minidev', name: 'json-smart', version: '2.4.9'
 
   implementation group: 'io.vavr', name: 'vavr', version: '0.10.4'
 
-  implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.21'
+  implementation group: 'com.nimbusds', name: 'nimbus-jose-jwt', version: '9.37.2'
 
   implementation "org.apache.tomcat.embed:tomcat-embed-core:${versions.tomcatEmbedded}"
   implementation "org.apache.tomcat.embed:tomcat-embed-el:${versions.tomcatEmbedded}"
diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
index e59f116b6..8c5dfcbea 100644
--- a/config/owasp/suppressions.xml
+++ b/config/owasp/suppressions.xml
@@ -4,7 +4,6 @@
         CVE-2023-35116 refer [Ticket]
         CVE-2022-45688 refer [Ticket]
         CVE-2023-5072 refer [Ticket]
-        CVE-2023-1370 refer [Ticket]
         CVE-2023-6378 refer [Ticket]
         CVE-2023-34055 refer [Ticket]
         CVE-2023-20873 refer [Ticket]
@@ -14,7 +13,6 @@
 <cve>CVE-2023-35116</cve>
 <cve>CVE-2022-45688</cve>
 <cve>CVE-2023-5072</cve>
-<cve>CVE-2023-1370</cve>
 <cve>CVE-2023-6378</cve>
 <cve>CVE-2023-34055</cve>
 <cve>CVE-2023-20873</cve>