[Snyk] Fix for 57 vulnerabilities

[Raj2020Github]

Snyk has created this PR to fix 57 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Remote Code Execution SNYK-JAVA-ORGSPRINGFRAMEWORK-2436751	919	Mature
	Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCATEMBED-5953331	864	Mature
	Improper Access Control SNYK-JAVA-ORGSPRINGFRAMEWORK-3369852	776	Proof of Concept
	Path Traversal SNYK-JAVA-ORGSPRINGFRAMEWORK-7945490	756	Major version upgrade Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCATEMBED-6435948	696	Major version upgrade Proof of Concept
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6261586	676	Major version upgrade Proof of Concept
	Uncaught Exception SNYK-JAVA-ORGAPACHETOMCATEMBED-8383920	674	Major version upgrade No Known Exploit
	Arbitrary Code Execution SNYK-JAVA-ORGYAML-3152153	651	Major version upgrade Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538	649	Major version upgrade No Known Exploit
	Insufficient Session Expiration SNYK-JAVA-ORGAPACHETOMCATEMBED-7430175	649	Major version upgrade No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGAPACHETOMCATEMBED-8073090	649	Major version upgrade No Known Exploit
	Path Traversal SNYK-JAVA-ORGSPRINGFRAMEWORK-8230373	649	Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCATEMBED-3326459	646	Proof of Concept
	Access Restriction Bypass SNYK-JAVA-ORGAPACHETOMCATEMBED-5862028	646	Proof of Concept
	Improper Input Validation SNYK-JAVA-ORGAPACHETOMCATEMBED-6092281	644	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424	616	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426	616	Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244	589	No Known Exploit
	Improper Input Validation SNYK-JAVA-ORGAPACHETOMCATEMBED-3225086	589	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGAPACHETOMCATEMBED-6435950	589	Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORKBOOT-5564390	589	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGYAML-2806360	589	Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGYAML-6056527	589	Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-CHQOSLOGBACK-6094942	569	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-CHQOSLOGBACK-6094943	569	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 ch.qos.logback:logback-core: 1.2.6 -> 1.3.15 No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JAVA-CHQOSLOGBACK-6097492	569	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 Major version upgrade No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JAVA-CHQOSLOGBACK-6097493	569	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 ch.qos.logback:logback-core: 1.2.6 -> 1.3.15 No Known Exploit
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6444790	569	Major version upgrade No Known Exploit
	Privilege Escalation SNYK-JAVA-ORGAPACHETOMCATEMBED-2414084	564	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-7687447	559	Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-8384234	559	Major version upgrade No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGSPRINGFRAMEWORK-5422217	539	No Known Exploit
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016891	536	Major version upgrade Proof of Concept
	Improper Neutralization of Special Elements SNYK-JAVA-CHQOSLOGBACK-8539866	509	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 ch.qos.logback:logback-core: 1.2.6 -> 1.3.15 No Known Exploit
	Improper Neutralization of Special Elements SNYK-JAVA-CHQOSLOGBACK-8539867	509	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLJACKSONCORE-2326698	509	No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-2689634	506	Proof of Concept
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016888	506	Major version upgrade Proof of Concept
	Open Redirect SNYK-JAVA-ORGSPRINGFRAMEWORK-6597980	484	Major version upgrade No Known Exploit
	Unprotected Transport of Credentials SNYK-JAVA-ORGAPACHETOMCATEMBED-3369687	479	No Known Exploit
	Improper Input Validation SNYK-JAVA-ORGAPACHETOMCATEMBED-5959654	479	No Known Exploit
	Incomplete Cleanup SNYK-JAVA-ORGAPACHETOMCATEMBED-5959972	479	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-2434828	479	No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGSPRINGFRAMEWORK-2823313	479	No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGSPRINGFRAMEWORK-3369749	479	No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGSPRINGFRAMEWORK-7687446	479	Major version upgrade No Known Exploit
	Insufficient Hostname Verification SNYK-JAVA-CHQOSLOGBACK-1726923	454	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 ch.qos.logback:logback-core: 1.2.6 -> 1.3.15 No Known Exploit
	Improper Input Validation SNYK-JAVA-ORGSPRINGFRAMEWORK-2330878	429	No Known Exploit
	Information Exposure SNYK-JAVA-ORGAPACHETOMCATEMBED-3035793	399	No Known Exploit
	HTTP Request Smuggling SNYK-JAVA-ORGAPACHETOMCATEMBED-3097829	399	No Known Exploit
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016889	399	Major version upgrade No Known Exploit
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3113851	399	Major version upgrade No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JAVA-CHQOSLOGBACK-8539865	334	ch.qos.logback:logback-classic: 1.2.6 -> 1.3.15 ch.qos.logback:logback-core: 1.2.6 -> 1.3.15 No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230364	329	Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365	329	Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230366	329	Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230368	329	Major version upgrade No Known Exploit

Vulnerabilities that could not be fixed

• Upgrade:
  • Could not upgrade org.springframework.boot:[email protected] to org.springframework.boot:[email protected]; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/2.6.1/spring-boot-dependencies-2.6.1.pom
• Could not upgrade org.springframework.boot:[email protected] to org.springframework.boot:[email protected]; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/2.6.1/spring-boot-dependencies-2.6.1.pom

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Insufficient Hostname Verification
🦉 Server-side Request Forgery (SSRF)
🦉 Access Restriction Bypass
🦉 More lessons are available in Snyk Learn