Remove dependency vulnerability
Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Ia703de3d5bad1780e63be401ce0b435cb665f505
Issue-ID: SDC-3572
diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 53af2c7..bf56d4d 100644
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -16,7 +16,7 @@
<java-hamcrest.version>2.0.0.0</java-hamcrest.version>
<swagger.version>${swagger-core-mvn-plugin.version}</swagger.version>
<swagger-ui.version>3.25.0</swagger-ui.version>
- <maven-dependency-plugin.version>3.1.1</maven-dependency-plugin.version>
+ <maven-dependency-plugin.version>3.2.0</maven-dependency-plugin.version>
<replacer.plugin.version>1.5.3</replacer.plugin.version>
</properties>
@@ -90,7 +90,7 @@
<!-- Swagger Dependencies End -->
<dependency>
- <groupId>org.hibernate</groupId>
+ <groupId>org.hibernate.validator</groupId>
<artifactId>hibernate-validator</artifactId>
<version>${hibernate.validator.version}</version>
</dependency>
@@ -239,6 +239,10 @@
<groupId>org.springframework</groupId>
<artifactId>spring-context</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-validator</artifactId>
+ </exclusion>
</exclusions>
</dependency>
@@ -253,6 +257,12 @@
<dependency>
<groupId>org.glassfish.jersey.ext</groupId>
<artifactId>jersey-bean-validation</artifactId>
+ <exclusions>
+ <exclusion>
+ <groupId>org.hibernate</groupId>
+ <artifactId>hibernate-validator</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<!-- http client -->
@@ -406,6 +416,10 @@
<groupId>commons-io</groupId>
<artifactId>commons-io</artifactId>
</exclusion>
+ <exclusion>
+ <groupId>commons-codec</groupId>
+ <artifactId>commons-codec</artifactId>
+ </exclusion>
</exclusions>
</dependency>
@@ -517,7 +531,7 @@
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
- <version>2.2.0.0</version>
+ <version>${org.owasp.esapi.version}</version>
<exclusions>
<exclusion>
<groupId>xerces</groupId>