[Bug]: CVE-2024-57699 in /opt/strimzi/lib/net.minidev.json-smart-2.5.0.jar

[ngton]

Bug Description

Our scanning tool found this high sev CVE in the json-smart dependency. Updating to 2.5.2 would fix

Steps to reproduce

No response

Expected behavior

No response

Strimzi version

0.45

Kubernetes version

Openshift

Installation method

No response

Infrastructure

No response

Configuration files and logs

No response

Additional context

No response

[ppatierno]

This is coming from the oauth library. @mstruk is already working on it to have an oauth 0.16.1 out soon so we can update it within the operator. Anyway it will come with the operator 0.46.0 release coming end of April, beginning of May.