Update overrides for vulnerable Minecraft dependencies

Alexander01998 · Alexander01998 · commit 9f9bd80216b2 · 2025-10-04T16:45:37.000+02:00
diff --git a/build.gradle b/build.gradle
@@ -43,16 +43,18 @@ repositories {
 // Override vulnerable dependencies until Minecraft updates to newer versions
 configurations.all {
 	resolutionStrategy {
-		// v2.5.1, used by Minecraft 1.21.4 - 1.21.8, is vulnerable to CVE-2024-57699
+		// v2.5.1, used by Minecraft 1.21.4 - 1.21.10, is vulnerable to CVE-2024-57699
 		force "net.minidev:json-smart:2.5.2"
-		// v2.13.4, used by Minecraft 1.21.4 - 1.21.8, is vulnerable to CVE-2025-52999
+		// v2.13.4, used by Minecraft 1.21.4 - 1.21.10, is vulnerable to CVE-2025-52999
 		force "com.fasterxml.jackson.core:jackson-core:2.15.0"
-		// v3.17.0, used by Minecraft 1.21.4 - 1.21.8, is vulnerable to CVE-2025-48924
+		// v3.17.0, used by Minecraft 1.21.4 - 1.21.10, is vulnerable to CVE-2025-48924
 		force "org.apache.commons:commons-lang3:3.18.0"
-		// v9.40, used by Minecraft 1.21.4 - 1.21.8, is vulnerable to CVE-2025-53864
+		// v9.40, used by Minecraft 1.21.4 - 1.21.10, is vulnerable to CVE-2025-53864
 		force "com.nimbusds:nimbus-jose-jwt:10.0.2"
-		// v4.1.118.Final, used by Minecraft 1.21.5 - 1.21.8, is vulnerable to CVE-2025-58057
+		// v4.1.118.Final, used by Minecraft 1.21.5 - 1.21.10, is vulnerable to CVE-2025-58057
 		force "io.netty:netty-codec:4.1.125.Final"
+		// v4.1.118.Final, used by Minecraft 1.21.5 - 1.21.10, is vulnerable to CVE-2025-58056
+		force "io.netty:netty-codec-http:4.1.125.Final"
 	}
 }
 
