Skip to content

Commit

Permalink
NMS-16515: Excluding vulnerable esapi version
Browse files Browse the repository at this point in the history
  • Loading branch information
@christianpape
christianpape authored Sep 26, 2024
1 parent c196fb0 commit 8f9b489
Show file tree
Hide file tree
Showing 2 changed files with 20 additions and 0 deletions.
19 changes: 19 additions & 0 deletions dependencies/spring-security/pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -98,6 +98,25 @@
<groupId>org.apache.santuario</groupId>
<artifactId>xmlsec</artifactId>
</exclusion>
<exclusion>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
<groupId>org.owasp.esapi</groupId>
<artifactId>esapi</artifactId>
<version>${esapiVersion}</version>
<exclusions>
<exclusion>
<groupId>xml-apis</groupId>
<artifactId>*</artifactId>
</exclusion>
<exclusion>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
</exclusion>
</exclusions>
</dependency>
<dependency>
Expand Down
1 change: 1 addition & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -1661,6 +1661,7 @@
<eddsaVersion>0.3.0</eddsaVersion>
<elasticsearchNettyVersion>4.1.69.Final</elasticsearchNettyVersion>
<elasticsearchTargetVersion>7.6.2</elasticsearchTargetVersion>
<esapiVersion>2.3.0.0</esapiVersion>
<felixBridgeVersion>4.0.12</felixBridgeVersion>
<felixProxyVersion>3.0.6</felixProxyVersion>
<fopVersion>2.9</fopVersion>
Expand Down

0 comments on commit 8f9b489

Please sign in to comment.