Skip to content

Commit 7e2e446

Browse files
pboospboos
committed
[CHK-12315] Upgrade dependencies due to security alert
1 parent e0d7b45 commit 7e2e446

File tree

1 file changed

+4
-1
lines changed

1 file changed

+4
-1
lines changed

build.gradle

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -3,7 +3,7 @@ plugins {
33
alias(libs.plugins.nexus.publish)
44
}
55

6-
ext['spring-framework.version'] = '6.2.8'
6+
ext['spring-framework.version'] = '6.2.10'
77
ext['tomcat.version'] = '10.1.42'
88

99
apply from: "${rootDir}/gradle/publish-root.gradle"
@@ -72,6 +72,9 @@ subprojects {
7272
implementation("org.springframework:spring-web:6.2.10") {
7373
because("versions below 6.2.8 have security vulnerabilities including CVE-2024-38820 - see dependabot #12")
7474
}
75+
implementation("org.springframework:spring-webmvc:6.2.10") {
76+
because("versions below 6.2.10 have Path Traversal Vulnerability CVE-2025-41242 - see dependabot #247")
77+
}
7578
implementation("org.apache.tomcat.embed:tomcat-embed-core:11.0.10") {
7679
because("versions below 10.1.42 have security vulnerabilities including CVE-2024-56337 - see dependabot #13")
7780
}

0 commit comments

Comments
 (0)