From 44d34ce3f288d049e16ce41bb459d6413f1d59e5 Mon Sep 17 00:00:00 2001
From: Alan Davis <alan.davis@alfresco.com>
Date: Mon, 21 Feb 2022 13:16:50 +0000
Subject: [PATCH] ATS-981 Avoid CVE-2022-23181 with spring-boot-starter-web
 2.6.3 (#537)

[trigger release] 2.5.7-A3
---
 pom.xml | 9 +++++++++
 1 file changed, 9 insertions(+)

diff --git a/pom.xml b/pom.xml
index adf5f1a4..c661fa5e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -248,6 +248,15 @@
         </dependencies>
     </dependencyManagement>
 
+    <!-- ATS-981: Avoid CVE-2022-23181 with spring-boot-starter-web 2.6.3 -->
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+            <version>9.0.58</version>
+        </dependency>
+    </dependencies>
+
     <distributionManagement>
         <snapshotRepository>
             <id>alfresco-public-snapshots</id>