[Snyk] Upgrade: com.fasterxml.jackson.core:jackson-annotations, com.fasterxml.jackson.core:jackson-databind, com.fasterxml.jackson.datatype:jackson-datatype-jsr310, com.github.joschi.jackson:jackson-datatype-threetenbp, com.google.code.gson:gson, com.jayway.jsonpath:json-path, com.jcraft:jsch, com.nimbusds:nimbus-jose-jwt, commons-io:commons-io, io.rest-assured:json-path, io.rest-assured:xml-path, io.swagger:swagger-jaxrs, javax.servlet:javax.servlet-api, junit:junit, org.apache.httpcomponents:httpclient, org.eclipse.jetty:jetty-jsp, org.eclipse.jetty:jetty-servlets, org.glassfish.jersey.core:jersey-common, org.glassfish.jersey.core:jersey-server, org.glassfish.jersey.containers:jersey-container-servlet-core, org.glassfish.jersey.core:jersey-client, org.glassfish.jersey.inject:jersey-hk2, org.glassfish.jersey.media:jersey-media-json-jackson, org.glassfish.jersey.media:jersey-media-multipart, org.openapitools:jackson-databind-nullable, org.springframework:spring-web, org.xerial:sqlite-jdbc

[rish2497]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

com.fasterxml.jackson.core:jackson-annotations
from 2.11.3 to 2.17.2 | 42 versions ahead of your current version | 2 months ago
on 2024-07-05
com.fasterxml.jackson.core:jackson-databind
from 2.11.3 to 2.17.2 | 49 versions ahead of your current version | 2 months ago
on 2024-07-05
com.fasterxml.jackson.datatype:jackson-datatype-jsr310
from 2.11.3 to 2.17.2 | 42 versions ahead of your current version | 2 months ago
on 2024-07-05
com.github.joschi.jackson:jackson-datatype-threetenbp
from 2.8.4 to 2.15.2 | 14 versions ahead of your current version | a year ago
on 2023-08-14
com.google.code.gson:gson
from 2.8.6 to 2.11.0 | 8 versions ahead of your current version | 4 months ago
on 2024-05-19
com.jayway.jsonpath:json-path
from 2.5.0 to 2.9.0 | 4 versions ahead of your current version | 8 months ago
on 2024-01-20
com.jcraft:jsch
from 0.1.54 to 0.1.55 | 1 version ahead of your current version | 6 years ago
on 2018-11-26
com.nimbusds:nimbus-jose-jwt
from 9.11 to 9.40 | 60 versions ahead of your current version | 3 months ago
on 2024-06-06
commons-io:commons-io
from 2.7 to 2.16.1 | 11 versions ahead of your current version | 5 months ago
on 2024-04-05
io.rest-assured:json-path
from 4.3.3 to 4.5.1 | 3 versions ahead of your current version | 3 years ago
on 2022-02-11
io.rest-assured:xml-path
from 4.3.3 to 4.5.1 | 3 versions ahead of your current version | 3 years ago
on 2022-02-11
io.swagger:swagger-jaxrs
from 1.6.2 to 1.6.14 | 12 versions ahead of your current version | 6 months ago
on 2024-03-19
javax.servlet:javax.servlet-api
from 3.0.1 to 3.1.0 | 10 versions ahead of your current version | 11 years ago
on 2013-04-25
junit:junit
from 4.13.1 to 4.13.2 | 1 version ahead of your current version | 4 years ago
on 2021-02-13
org.apache.httpcomponents:httpclient
from 4.5.13 to 4.5.14 | 1 version ahead of your current version | 2 years ago
on 2022-11-30
org.eclipse.jetty:jetty-jsp
from 9.2.7.v20150116 to 9.2.30.v20200428 | 25 versions ahead of your current version | 4 years ago
on 2020-04-28
org.eclipse.jetty:jetty-servlets
from 9.4.41.v20210516 to 9.4.55.v20240627 | 14 versions ahead of your current version | 2 months ago
on 2024-06-27
org.glassfish.jersey.core:jersey-common
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.core:jersey-server
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.containers:jersey-container-servlet-core
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.core:jersey-client
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.inject:jersey-hk2
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.media:jersey-media-json-jackson
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.glassfish.jersey.media:jersey-media-multipart
from 2.27 to 2.44 | 21 versions ahead of your current version | a month ago
on 2024-07-29
org.openapitools:jackson-databind-nullable
from 0.2.1 to 0.2.6 | 5 versions ahead of your current version | 2 years ago
on 2023-02-21
org.springframework:spring-web
from 5.3.18 to 5.3.39 | 21 versions ahead of your current version | a month ago
on 2024-08-14
org.xerial:sqlite-jdbc
from 3.36.0.3 to 3.46.1.0 | 27 versions ahead of your current version | 23 days ago
on 2024-08-19

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-COMNIMBUSDS-6247633	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-3369748	621	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538	621	No Known Exploit
	Timing Attack SNYK-JAVA-ORGECLIPSEJETTY-32151	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGECLIPSEJETTY-5958847	621	No Known Exploit
	XML Entity Expansion SNYK-JAVA-ORGGLASSFISHJERSEYMEDIA-595972	621	No Known Exploit
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6261586	621	No Known Exploit
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6444790	621	No Known Exploit
	Arbitrary Code Execution SNYK-JAVA-ORGXERIAL-5596891	621	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JAVA-ORGECLIPSEJETTY-174479	621	Mature
	Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-1078499	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-1298655	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424	621	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426	621	Proof of Concept
	Deserialization of Untrusted Data SNYK-JAVA-COMGOOGLECODEGSON-1730327	621	No Known Exploit
	Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-174560	621	No Known Exploit
	Information Disclosure SNYK-JAVA-COMGOOGLEGUAVA-1015415	621	Proof of Concept
	Authorization Bypass SNYK-JAVA-ORGECLIPSEJETTY-32385	621	No Known Exploit
	Cross-site Scripting (XSS) SNYK-JAVA-ORGECLIPSEJETTY-480557	621	Mature
	Improper Handling of Length Parameter Inconsistency SNYK-JAVA-ORGECLIPSEJETTY-5902998	621	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313	621	No Known Exploit
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6597980	621	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-7687447	621	No Known Exploit
	Creation of Temporary File in Directory with Insecure Permissions SNYK-JAVA-COMGOOGLEGUAVA-5710356	621	No Known Exploit
	Buffer Overflow SNYK-JAVA-COMJAYWAYJSONPATH-6140361	621	Proof of Concept
	Improper Input Validation SNYK-JAVA-ORGECLIPSEJETTY-2945452	621	No Known Exploit
	Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-5426161	621	No Known Exploit
	Arbitrary Code Execution SNYK-JAVA-ORGECLIPSEJETTY-5903003	621	Proof of Concept

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs