From 83635ab0158bac2a22a048bc2a193e50dca33f6e Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 14 Jul 2025 07:31:23 +0000
Subject: [PATCH] fix: pom.xml to reduce vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHECOMMONS-10734078
- https://snyk.io/vuln/SNYK-JAVA-COMMONSFILEUPLOAD-10363252
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETOMCAT-10365123
- https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-10500754
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHETOMCAT-10365311
---
 pom.xml | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index eaf1ac3..0194be7 100644
--- a/pom.xml
+++ b/pom.xml
@@ -107,7 +107,7 @@
         <dependency>
             <groupId>org.apache.commons</groupId>
             <artifactId>commons-lang3</artifactId>
-            <version>3.3.2</version>
+            <version>3.18.0</version>
         </dependency>
         <!--<dependency>
             <groupId>commons-fileupload</groupId>
@@ -199,7 +199,7 @@
         <dependency>
             <groupId>org.apache.tomcat</groupId>
             <artifactId>tomcat-catalina</artifactId>
-            <version>7.0.109</version>
+            <version>9.0.106</version>
             <scope>provided</scope>
         </dependency>
 
@@ -224,12 +224,12 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.8.6</version>
+            <version>2.15.0</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.13.4.2</version>
+            <version>2.15.0</version>
         </dependency>
 
         <!-- Spring MVC framework -->
@@ -262,7 +262,7 @@
         <dependency>
             <groupId>commons-fileupload</groupId>
             <artifactId>commons-fileupload</artifactId>
-            <version>1.3.3</version>
+            <version>1.6.0</version>
         </dependency>
 
         <!-- Apache Commons Upload -->