Skip to content

Commit

Permalink
CCD-5158 Fix CVE-2023-46589 (#608)
Browse files Browse the repository at this point in the history 
* CCD-5158 Upgrade Tomcat to fix CVE

* Update dependency-check-suppressions.xml

---------

Co-authored-by: RebeccaBaker <38425793+RebeccaBaker@users.noreply.github.com>
  • Loading branch information
@markdathornehmcts @RebeccaBaker
markdathornehmcts and RebeccaBaker authored Oct 3, 2024
1 parent 0bd66a6 commit 6908ed0
Show file tree
Hide file tree
Showing 2 changed files with 5 additions and 6 deletions.
2 changes: 1 addition & 1 deletion build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -149,7 +149,7 @@ dependencyManagement {
mavenBom "org.springframework.cloud:spring-cloud-dependencies:${springCloudVersion}"
}
dependencies {
dependencySet(group: 'org.apache.tomcat.embed', version: '10.1.13') {
dependencySet(group: 'org.apache.tomcat.embed', version: '10.1.26') {
entry 'tomcat-embed-core'
entry 'tomcat-embed-el'
entry 'tomcat-embed-websocket'
Expand Down
9 changes: 4 additions & 5 deletions dependency-check-suppressions.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -2,14 +2,13 @@
<suppress>
<notes>Temporary Suppression
CVE-2023-34055 refer [Ticket]
CVE-2023-44487 refer [Ticket]
CVE-2023-46589 refer [Ticket]
CVE-2023-42795 refer [Ticket]
CVE-2023-45648 refer [Ticket]</notes>
CVE-2023-44487 refer [Ticket]
CVE-2023-45648 refer [Ticket]
</notes>
<cve>CVE-2023-34055</cve>
<cve>CVE-2023-44487</cve>
<cve>CVE-2023-46589</cve>
<cve>CVE-2023-42795</cve>
<cve>CVE-2023-44487</cve>
<cve>CVE-2023-45648</cve>
</suppress>
</suppressions>

0 comments on commit 6908ed0

Please sign in to comment.