[Snyk] Upgrade: io.undertow:undertow-core, org.apache.commons:commons-lang3

[Jayaprabahar]

Snyk has created this PR to upgrade multiple dependencies.

👯 The following dependencies are linked and will therefore be updated together.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

Name	Versions	Released on

io.undertow:undertow-core
from 2.3.1.Final to 2.3.16.Final | 15 versions ahead of your current version | 22 days ago
on 2024-08-22
org.apache.commons:commons-lang3
from 3.12.0 to 3.16.0 | 4 versions ahead of your current version | a month ago
on 2024-08-01

Issues fixed by the recommended upgrade:

	Issue	Score	Exploit Maturity
	Uncontrolled Resource Consumption SNYK-JAVA-ORGJBOSSXNIO-6403375	589	No Known Exploit
	Improper Certificate Validation SNYK-JAVA-IOUNDERTOW-3339519	589	No Known Exploit
	Infinite loop SNYK-JAVA-IOUNDERTOW-3358231	589	No Known Exploit
	Improper Input Validation SNYK-JAVA-IOUNDERTOW-6567186	589	No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-IOUNDERTOW-6669948	589	No Known Exploit
	Uncontrolled Resource Consumption SNYK-JAVA-IOUNDERTOW-7300152	589	No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JAVA-IOUNDERTOW-7300153	589	No Known Exploit
	Uncontrolled Recursion SNYK-JAVA-IOUNDERTOW-7433720	589	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-IOUNDERTOW-3358786	589	No Known Exploit
	Directory Traversal SNYK-JAVA-IOUNDERTOW-7361775	589	No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• This PR was automatically created by Snyk using the credentials of a real user.
• Max score is 1000. Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

• 🧐 View latest project report
• 📜 Customise PR templates
• 🛠 Adjust upgrade PR settings
• 🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[//]: # 'snyk:metadata:{"customTemplate":{"variablesUsed":[],"fieldsUsed":[]},"dependencies":[{"name":"io.undertow:undertow-core","from":"2.3.1.Final","to":"2.3.16.Final"},{"name":"org.apache.commons:commons-lang3","from":"3.12.0","to":"3.16.0"}],"env":"prod","hasFixes":true,"isBreakingChange":false,"isMajorUpgrade":false,"issuesToFix":[{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-ORGJBOSSXNIO-6403375","issue_id":"SNYK-JAVA-ORGJBOSSXNIO-6403375","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Resource Consumption"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-3339519","issue_id":"SNYK-JAVA-IOUNDERTOW-3339519","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Certificate Validation"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-3358231","issue_id":"SNYK-JAVA-IOUNDERTOW-3358231","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Infinite loop"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-6567186","issue_id":"SNYK-JAVA-IOUNDERTOW-6567186","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Improper Input Validation"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-6669948","issue_id":"SNYK-JAVA-IOUNDERTOW-6669948","priority_score":589,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"7.5","score":375},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Allocation of Resources Without Limits or Throttling"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-7300152","issue_id":"SNYK-JAVA-IOUNDERTOW-7300152","priority_score":649,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.7","score":435},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Resource Consumption"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-7300153","issue_id":"SNYK-JAVA-IOUNDERTOW-7300153","priority_score":649,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.7","score":435},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Resource Consumption ('Resource Exhaustion')"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-7433720","issue_id":"SNYK-JAVA-IOUNDERTOW-7433720","priority_score":649,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"8.7","score":435},{"type":"scoreVersion","label":"v1","score":1}],"severity":"high","title":"Uncontrolled Recursion"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-3358786","issue_id":"SNYK-JAVA-IOUNDERTOW-3358786","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Denial of Service (DoS)"},{"exploit_maturity":"no-known-exploit","id":"SNYK-JAVA-IOUNDERTOW-7361775","issue_id":"SNYK-JAVA-IOUNDERTOW-7361775","priority_score":479,"priority_score_factors":[{"type":"fixability","label":true,"score":214},{"type":"cvssScore","label":"5.3","score":265},{"type":"scoreVersion","label":"v1","score":1}],"severity":"medium","title":"Directory Traversal"}],"prId":"417c8883-7cd0-4cb1-a4c0-17df089df6ba","prPublicId":"417c8883-7cd0-4cb1-a4c0-17df089df6ba","packageManager":"maven","priorityScoreList":[589,589,589,589,589,649,649,649,479,479],"projectPublicId":"8bea02bf-834d-46de-8746-357b3025dde4","projectUrl":"https://app.snyk.io/org/jayaprabahar/project/8bea02bf-834d-46de-8746-357b3025dde4?utm_source=github&utm_medium=referral&page=upgrade-pr","prType":"upgrade","templateFieldSources":{"branchName":"default","commitMessage":"default","description":"default","title":"default"},"templateVariants":["priorityScore"],"type":"auto","upgrade":["SNYK-JAVA-ORGJBOSSXNIO-6403375","SNYK-JAVA-IOUNDERTOW-3339519","SNYK-JAVA-IOUNDERTOW-3358231","SNYK-JAVA-IOUNDERTOW-6567186","SNYK-JAVA-IOUNDERTOW-6669948","SNYK-JAVA-IOUNDERTOW-7300152","SNYK-JAVA-IOUNDERTOW-7300153","SNYK-JAVA-IOUNDERTOW-7433720","SNYK-JAVA-IOUNDERTOW-3358786","SNYK-JAVA-IOUNDERTOW-7361775"],"upgradeInfo":{"versionsDiff":15,"publishedDate":"2024-08-22T13:21:28.000Z"},"vulns":["SNYK-JAVA-ORGJBOSSXNIO-6403375","SNYK-JAVA-IOUNDERTOW-3339519","SNYK-JAVA-IOUNDERTOW-3358231","SNYK-JAVA-IOUNDERTOW-6567186","SNYK-JAVA-IOUNDERTOW-6669948","SNYK-JAVA-IOUNDERTOW-7300152","SNYK-JAVA-IOUNDERTOW-7300153","SNYK-JAVA-IOUNDERTOW-7433720","SNYK-JAVA-IOUNDERTOW-3358786","SNYK-JAVA-IOUNDERTOW-7361775"]}'