Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Override msal4j dependency to address CVE-2024-35255
See GHSA-m5vv-6r4h-3vj9 TL;DR: An attacker would need to already have access to your computer in order to exploit this vulnerability. Doing so would give them read-only access to files with SYSTEM access permissions. The override is mainly just to make Dependabot shut up about it. Since this is a dependency of Minecraft itself, you'll likely get the vulnerable version anyways until Mojang updates it.
- Loading branch information