From f45203d505ef9fe97e6aa0c012025d93335a4533 Mon Sep 17 00:00:00 2001
From: "shashikanth.vh@huawei.com" <shashikanth.vh@huawei.com>
Date: Thu, 5 Aug 2021 20:52:50 +0530
Subject: [PATCH] SO Critical vulnerability

Issue-ID: SO-3732

Signed-off-by: SHASHIKANTH VH <shashikanth.vh@huawei.com>
Change-Id: I4a975090b3832b8a5affa48695f33edbd72da13e
---
 asdc-controller/pom.xml | 2 +-
 common/pom.xml          | 1 +
 mso-catalog-db/pom.xml  | 1 +
 pom.xml                 | 2 +-
 4 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/asdc-controller/pom.xml b/asdc-controller/pom.xml
index d539e65b13..244d83f7db 100644
--- a/asdc-controller/pom.xml
+++ b/asdc-controller/pom.xml
@@ -215,7 +215,7 @@
     <dependency>
       <groupId>commons-codec</groupId>
       <artifactId>commons-codec</artifactId>
-      <version>1.9</version>
+      <version>1.15</version>
     </dependency>
     <dependency>
       <groupId>org.onap.so</groupId>
diff --git a/common/pom.xml b/common/pom.xml
index 9af3f62442..7c37f50e90 100644
--- a/common/pom.xml
+++ b/common/pom.xml
@@ -107,6 +107,7 @@
     <dependency>
       <groupId>org.springframework.security</groupId>
       <artifactId>spring-security-web</artifactId>
+      <version>5.4.6</version>
     </dependency>
     <dependency>
       <groupId>org.mockito</groupId>
diff --git a/mso-catalog-db/pom.xml b/mso-catalog-db/pom.xml
index c2bcf9b44f..c4913e6d85 100644
--- a/mso-catalog-db/pom.xml
+++ b/mso-catalog-db/pom.xml
@@ -73,6 +73,7 @@
     <dependency>
       <groupId>org.springframework.data</groupId>
       <artifactId>spring-data-rest-hal-browser</artifactId>
+      <version>3.3.9.RELEASE</version>
     </dependency>
     <dependency>
       <groupId>org.ow2.asm</groupId>
diff --git a/pom.xml b/pom.xml
index 49d4b75f59..d86283ca2b 100644
--- a/pom.xml
+++ b/pom.xml
@@ -884,7 +884,7 @@
       <dependency>
         <groupId>commons-codec</groupId>
         <artifactId>commons-codec</artifactId>
-        <version>1.12</version>
+        <version>1.15</version>
         <scope>compile</scope>
       </dependency>
       <dependency>
-- 
2.16.6