Skip to content

Commit

Permalink
DATAGO-73412: event-management-agent:spring-web:6.0.17,Type: app_depe…
Browse files Browse the repository at this point in the history 
…ndency,Prisma Cloud Vulnerability (#172)
  • Loading branch information
@CameronRushton
CameronRushton authored Mar 22, 2024
1 parent 0878ad6 commit 07db573
Show file tree
Hide file tree
Showing 7 changed files with 56 additions and 0 deletions.
8 changes: 8 additions & 0 deletions service/confluent-schema-registry-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -17,6 +17,7 @@
<maven-shade-plugin.version>3.3.0</maven-shade-plugin.version>
<jackson-dataformat-cbor.version>2.13.4</jackson-dataformat-cbor.version>
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>
<dependencies>
<dependency>
Expand Down Expand Up @@ -60,6 +61,13 @@
<version>${jupiter.version}</version>
<scope>test</scope>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
Expand Down
8 changes: 8 additions & 0 deletions service/kafka-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
<maven-shade-plugin.version>3.3.0</maven-shade-plugin.version>
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
<jackson.version>2.16.1</jackson.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>

<dependencyManagement>
Expand All @@ -33,6 +34,13 @@
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
</dependencyManagement>

Expand Down
8 changes: 8 additions & 0 deletions service/local-storage-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,7 @@
<maven-shade-plugin.version>3.3.0</maven-shade-plugin.version>
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
<jackson.version>2.16.1</jackson.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>
<dependencyManagement>
<dependencies>
Expand All @@ -32,6 +33,13 @@
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
Expand Down
8 changes: 8 additions & 0 deletions service/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,6 +42,7 @@
<jacoco.line.percentage>0.8</jacoco.line.percentage>
<camel.version>4.2.0</camel.version>
<mockito-inline.version>5.2.0</mockito-inline.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>

<dependencyManagement>
Expand Down Expand Up @@ -70,6 +71,13 @@
</exclusion>
</exclusions>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
</dependencyManagement>

Expand Down
8 changes: 8 additions & 0 deletions service/rabbitmq-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,7 @@
<properties>
<maven.compiler.source>17</maven.compiler.source>
<maven.compiler.target>17</maven.compiler.target>
<spring-web.version>6.0.18</spring-web.version>
</properties>
<dependencies>
<dependency>
Expand All @@ -27,6 +28,13 @@
<artifactId>plugin</artifactId>
<version>1.6.3-SNAPSHOT</version>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
Expand Down
8 changes: 8 additions & 0 deletions service/solace-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,6 +21,7 @@
<maven-shade-plugin.version>3.3.0</maven-shade-plugin.version>
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
<jackson.version>2.16.0</jackson.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>

<dependencyManagement>
Expand All @@ -32,6 +33,13 @@
<type>pom</type>
<scope>import</scope>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
</dependencyManagement>

Expand Down
8 changes: 8 additions & 0 deletions service/terraform-plugin/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,6 +19,7 @@
<maven-surefire-plugin.version>2.22.0</maven-surefire-plugin.version>
<maas.jobs.version>2.0.11</maas.jobs.version>
<jackson.version>2.16.1</jackson.version>
<spring-web.version>6.0.18</spring-web.version>
</properties>
<dependencies>
<dependency>
Expand Down Expand Up @@ -88,6 +89,13 @@
</exclusion>
</exclusions>
</dependency>
<!-- Override version 6.0.17 from spring-boot-starter-web 3.1.9 that has a vulnerability without moving to
v3.2.3 which uses 6.1.4 (we would require 6.1.5) -->
<dependency>
<groupId>org.springframework</groupId>
<artifactId>spring-web</artifactId>
<version>${spring-web.version}</version>
</dependency>
</dependencies>
<build>
<plugins>
Expand Down

0 comments on commit 07db573

Please sign in to comment.