fix: updating owasp.html.sanitizer.version to addresss CVE-2025-66021

closes #45097 Signed-off-by: Steve Hawkins <shawkins@redhat.com>
2026-01-08 14:32:05 -03:30 · 2026-01-05 02:53:00 -05:00 · 2026-01-05 02:53:00 -05:00 · 6dc2e269be
commit 6dc2e269be
parent 0d0d468f27
1 changed files with 1 additions and 1 deletions
--- a/pom.xml
+++ b/pom.xml
@ -110,7 +110,7 @@
        <log4j2-api.version>2.25.1</log4j2-api.version> <!-- Odd name needs to align with Quarkus -->
        <resteasy.version>6.2.12.Final</resteasy.version>
        <resteasy.undertow.version>${resteasy.version}</resteasy.undertow.version>
-        <owasp.html.sanitizer.version>20240325.1</owasp.html.sanitizer.version>
+        <owasp.html.sanitizer.version>20260101.1</owasp.html.sanitizer.version>
        <slf4j.version>2.0.6</slf4j.version>
        <sun.istack.version>3.0.10</sun.istack.version>
        <sun.saaj.version>2.0.1</sun.saaj.version>