Update vulnerable dependencies

- spring-framework (6.1.15 -> 6.1.21)
- jersey (3.1.9 -> 3.1.11)
- netty (4.1.115.Final -> 4.1.130.Final)

Issue-ID: AAI-4219
Change-Id: I5579941768e49a45aaa8b5e865ee2131ea8397e3
Signed-off-by: Fiete Ostkamp <fiete.ostkamp@telekom.de>

diff --git a/aai-parent/pom.xml b/aai-parent/pom.xml
index f078114..af0a78e 100644 (file)
--- a/aai-parent/pom.xml
+++ b/aai-parent/pom.xml
@@ -79,6 +79,9 @@ limitations under the License.
         as it could potentially break our code
       -->
     <spring.boot.version>3.2.12</spring.boot.version>
+    <spring-framework.version>6.1.21</spring-framework.version>
+    <jersey.version>3.1.11</jersey.version>
+    <netty.version>4.1.130.Final</netty.version>
     <json.path.version>2.2.0</json.path.version>
     <json.version>20240303</json.version>
     <junit.version>4.12</junit.version>
@@ -117,6 +120,27 @@ limitations under the License.
 
   <dependencyManagement>
     <dependencies>
+      <dependency>
+        <groupId>org.glassfish.jersey</groupId>
+        <artifactId>jersey-bom</artifactId>
+        <version>${jersey.version}</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
+      <dependency>
+        <groupId>io.netty</groupId>
+        <artifactId>netty-bom</artifactId>
+        <version>${netty.version}</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
+      <dependency>
+        <groupId>org.springframework</groupId>
+        <artifactId>spring-framework-bom</artifactId>
+        <version>${spring-framework.version}</version>
+        <type>pom</type>
+        <scope>import</scope>
+      </dependency>
       <dependency>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-dependencies</artifactId>