ATS-981 Avoid CVE-2022-23181 with spring-boot-starter-web 2.6.3 (#537)

[trigger release] 2.5.7-A3
2025-07-07 18:24:50 +00:00 · 2022-02-21 13:16:50 +00:00 · 2022-02-21 13:16:50 +00:00 · 44d34ce3f2
commit 44d34ce3f2
parent f2478ee2b7
1 changed files with 9 additions and 0 deletions
--- a/pom.xml
+++ b/pom.xml
@ -248,6 +248,15 @@
        </dependencies>
    </dependencyManagement>

+    <!-- ATS-981: Avoid CVE-2022-23181 with spring-boot-starter-web 2.6.3 -->
+    <dependencies>
+        <dependency>
+            <groupId>org.apache.tomcat.embed</groupId>
+            <artifactId>tomcat-embed-core</artifactId>
+            <version>9.0.58</version>
+        </dependency>
+    </dependencies>
+
    <distributionManagement>
        <snapshotRepository>
            <id>alfresco-public-snapshots</id>