Skip to content

[MS-39304] remediate high vulnerabilities [Core & Azure]

VidyaDharani Lokam requested to merge az/vl-fix-vul into master

Details:

Azure

mvn dependency:tree before changes(service-root-level)

[INFO] --- dependency:3.6.0:tree (default-cli) @ os-storage ---
[INFO] org.opengroup.osdu:os-storage:pom:0.27.0-SNAPSHOT
[INFO] |  |  +- org.springdoc:springdoc-openapi-starter-common:jar:2.3.0:compile
[INFO] |  |  |  +- org.springframework.boot:spring-boot-autoconfigure:jar:3.2.4:compile
[INFO] |  |  |  |  \- org.springframework.boot:spring-boot:jar:3.2.4:compile
[INFO] |  |  |  \- io.swagger.core.v3:swagger-core-jakarta:jar:2.2.19:compile
[INFO] |  |  |     +- org.apache.commons:commons-lang3:jar:3.13.0:compile
[INFO] |  |  \- org.springframework:spring-webmvc:jar:6.1.5:compile
[INFO] |  |     \- org.springframework:spring-web:jar:6.1.5:compile
[INFO] |  \- org.webjars:swagger-ui:jar:5.10.3:compile
[INFO] +- org.springframework.plugin:spring-plugin-core:jar:2.0.0.RELEASE:compile
[INFO] |  +- org.springframework:spring-beans:jar:6.1.5:compile
[INFO] |  |  \- org.springframework:spring-core:jar:6.1.5:compile
[INFO] |  |     \- org.springframework:spring-jcl:jar:6.1.5:compile
[INFO] |  +- org.springframework:spring-context:jar:6.1.5:compile
[INFO] |  |  +- org.springframework:spring-expression:jar:6.1.5:compile
[INFO] |  |  \- io.micrometer:micrometer-observation:jar:1.12.4:compile
[INFO] |  |     \- io.micrometer:micrometer-commons:jar:1.12.4:compile
[INFO] |  +- org.springframework:spring-aop:jar:6.1.5:compile
[INFO] |  \- org.slf4j:slf4j-api:jar:2.0.12:compile
[INFO] \- org.springframework.plugin:spring-plugin-metadata:jar:2.0.0.RELEASE:compile

mvn dependency:tree after changes (service-root-level)

[INFO] --- dependency:3.6.0:tree (default-cli) @ os-storage ---
[INFO] org.opengroup.osdu:os-storage:pom:0.27.0-SNAPSHOT
[INFO] +- org.projectlombok:lombok:jar:1.18.28:compile
[INFO] |  |  |  +- org.springframework.boot:spring-boot-autoconfigure:jar:3.2.5:compile
[INFO] |  |  |  |  \- org.springframework.boot:spring-boot:jar:3.2.5:compile
[INFO] |  |  |  \- io.swagger.core.v3:swagger-core-jakarta:jar:2.2.19:compile
[INFO] |  |  |     +- org.apache.commons:commons-lang3:jar:3.13.0:compile
[INFO] |  |  \- org.springframework:spring-webmvc:jar:6.1.6:compile
[INFO] |  |     \- org.springframework:spring-web:jar:6.1.6:compile
[INFO] |  \- org.webjars:swagger-ui:jar:5.10.3:compile
[INFO] +- org.springframework.plugin:spring-plugin-core:jar:2.0.0.RELEASE:compile
[INFO] |  +- org.springframework:spring-beans:jar:6.1.6:compile
[INFO] |  |  \- org.springframework:spring-core:jar:6.1.6:compile
[INFO] |  |     \- org.springframework:spring-jcl:jar:6.1.6:compile
[INFO] |  +- org.springframework:spring-context:jar:6.1.6:compile
[INFO] |  |  +- org.springframework:spring-expression:jar:6.1.6:compile
[INFO] |  |  \- io.micrometer:micrometer-observation:jar:1.12.5:compile
[INFO] |  |     \- io.micrometer:micrometer-commons:jar:1.12.5:compile
[INFO] |  +- org.springframework:spring-aop:jar:6.1.6:compile
[INFO] |  \- org.slf4j:slf4j-api:jar:2.0.13:compile
[INFO] \- org.springframework.plugin:spring-plugin-metadata:jar:2.0.0.RELEASE:compile
Edited by VidyaDharani Lokam

Merge request reports