Remove vulnerable dependency

Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: I7faf230b6cd65cafb07ed766a333f7857410db8a
Issue-ID: SDC-4017

diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 6595fef..467b356 100644 (file)
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -637,6 +637,10 @@
                     <groupId>xerces</groupId>
                     <artifactId>xercesImpl</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>net.sourceforge.nekohtml</groupId>
+                    <artifactId>nekohtml</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/catalog-fe/pom.xml b/catalog-fe/pom.xml
index 4c70951..8d095f2 100644 (file)
--- a/catalog-fe/pom.xml
+++ b/catalog-fe/pom.xml
@@ -316,6 +316,10 @@
                     <groupId>xerces</groupId>
                     <artifactId>xercesImpl</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>net.sourceforge.nekohtml</groupId>
+                    <artifactId>nekohtml</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/pom.xml b/pom.xml
index dc381c4..5749fff 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -78,7 +78,7 @@ Modifications copyright (c) 2018-2019 Nokia
         <jetty-distribution.version>9.4.45.v20220203</jetty-distribution.version>
         <cxf.version>3.4.4</cxf.version>
 
-        <org.owasp.esapi.version>2.2.3.1</org.owasp.esapi.version>
+        <org.owasp.esapi.version>2.4.0.0</org.owasp.esapi.version>
         <org.dom4j.version>2.1.3</org.dom4j.version>
 
         <!-- JSON and YAML Parsing -->