[PRODSEC-9478] Fix for Vulnerabilities in Spring Expression Language (SpEL) (#2125)

Co-authored-by: Sathish Kumar <ST28@ford.com>

pom.xml

@@ -90,6 +90,7 @@
       <dependency.commons-io.version>2.15.1</dependency.commons-io.version>
       <dependency.commons-codec.version>1.16.1</dependency.commons-codec.version>
       <dependency.spring.version>5.3.33</dependency.spring.version>
+      <dependency.spring-expression.version>6.1.12</dependency.spring-expression.version>
       <dependency.zookeeper.version>3.4.14</dependency.zookeeper.version>
       <dependency.mime4j.version>0.8.11</dependency.mime4j.version>
    </properties>
@@ -102,6 +103,11 @@
             <type>pom</type>
             <scope>import</scope>
          </dependency>
+          <dependency>
+              <groupId>org.springframework</groupId>
+              <artifactId>spring-expression</artifactId>
+              <version>${dependency.spring-expression.version}</version>
+          </dependency>
          <dependency>
             <groupId>org.apache.zookeeper</groupId>
             <artifactId>zookeeper</artifactId>

search-services/packaging/src/main/resources/licenses/notice.txt

@@ -67,7 +67,7 @@ spring-aop-5.3.33.jar http://projects.spring.io/spring-framework/
 spring-beans-5.3.33.jar http://projects.spring.io/spring-framework/
 spring-context-5.3.33.jar http://projects.spring.io/spring-framework/
 spring-core-5.3.33.jar http://projects.spring.io/spring-framework/
-spring-expression-5.3.33.jar http://projects.spring.io/spring-framework/
+spring-expression-6.1.12.jar http://projects.spring.io/spring-framework/
 spring-jdbc-5.3.33.jar http://projects.spring.io/spring-framework/
 spring-orm-5.3.33.jar http://projects.spring.io/spring-framework/
 spring-tx-5.3.33.jar http://projects.spring.io/spring-framework/