From 267c2bfdb90da22a4963f4e3ed3ee0a962ecaa30 Mon Sep 17 00:00:00 2001
From: "snyk-io[bot]" <141718529+snyk-io[bot]@users.noreply.github.com>
Date: Mon, 14 Jul 2025 07:43:01 +0000
Subject: [PATCH] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGOWASPESAPI-10562218
- https://snyk.io/vuln/SNYK-JAVA-COMMONSLANG-10734077
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-10500754
- https://snyk.io/vuln/SNYK-JAVA-COMMONSFILEUPLOAD-10363252
---
 pom.xml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 4af6d87744..f63a0c5527 100644
--- a/pom.xml
+++ b/pom.xml
@@ -285,13 +285,13 @@
         <commons.configuration.version>1.10</commons.configuration.version>
         <commons.csv.version>1.0</commons.csv.version>
         <commons.digester.version>2.1</commons.digester.version>
-        <commons.fileupload.version>1.3.1</commons.fileupload.version>
+        <commons.fileupload.version>1.6.0</commons.fileupload.version>
         <commons.httpclient.version>3.1</commons.httpclient.version>
         <commons.io.version>2.4</commons.io.version>
-        <commons.lang.version>3.3.2</commons.lang.version>
+        <commons.lang.version>3.18.0</commons.lang.version>
         <commons.logging.version>1.2</commons.logging.version>
         <commons.validator.version>1.4.1</commons.validator.version>
-        <esapi.version>2.0.1</esapi.version>
+        <esapi.version>2.7.0.0</esapi.version>
         <hibernate.version>3.6.10.Final</hibernate.version>
         <hibernate-validator.version>5.1.3.Final</hibernate-validator.version>
         <itext.version>5.5.8</itext.version>
@@ -329,7 +329,7 @@
         <easymock.version>3.0</easymock.version>
         <hsqldb.version>1.8.0.10</hsqldb.version>
         <mysql.version>5.1.38</mysql.version>
-        <jackson-2-version>2.5.1</jackson-2-version>
+        <jackson-2-version>2.15.0</jackson-2-version>
         <junit.version>4.11</junit.version>
         <selenium-client.version>1.0.2</selenium-client.version>
 
@@ -340,7 +340,7 @@
         <maven-surefire.version>2.17</maven-surefire.version>
         <maven-failsafe.version>2.17</maven-failsafe.version>
         <surefire-junit47.version>2.17</surefire-junit47.version>
-        <jacoco.version>0.7.0.201403182114</jacoco.version>
+        <jacoco.version>0.8.7</jacoco.version>
         <jsoup.version>1.8.2</jsoup.version>
         <gson.version>2.2.4</gson.version>