CVE-2024-47554 Apache Commons IO: Possible denial of service attack on untrusted input to XmlStreamReader (#75)

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Valera V Harseko <[email protected]>

Author: dependabot[bot]

custom-scripted-connector-bundler/pom.xml

@@ -109,7 +109,6 @@
         <dependency>
             <groupId>commons-io</groupId>
             <artifactId>commons-io</artifactId>
-            <version>2.7</version>
         </dependency>
     </dependencies>
     <build>

pom.xml

@@ -13,7 +13,7 @@
   ~ information: "Portions copyright [year] [name of copyright owner]".
   ~
   ~ Copyright 2011-2016 ForgeRock AS.
-  ~ Portions Copyrighted 2024 3A Systems LLC.
+  ~ Portions Copyrighted 2019-2024 3A Systems LLC.
   -->
 <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
@@ -180,7 +180,6 @@
 
         <!-- Apache Commons versions -->
         <apache.commons-codec.version>1.10</apache.commons-codec.version>
-        <apache.commons-io.version>2.7</apache.commons-io.version>
         <apache.commons-fileupload.version>1.5</apache.commons-fileupload.version>
 
         <ant.contrib.version>1.0b3</ant.contrib.version>
@@ -417,11 +416,6 @@
                 <artifactId>commons-codec</artifactId>
                 <version>${apache.commons-codec.version}</version>
             </dependency>
-            <dependency>
-                <groupId>commons-io</groupId>
-                <artifactId>commons-io</artifactId>
-                <version>${apache.commons-io.version}</version>
-            </dependency>
             <dependency>
                 <groupId>commons-fileupload</groupId>
                 <artifactId>commons-fileupload</artifactId>