Update vulnerable dependency - javax.servlet:javax.servlet-api

Signed-off-by: Vasyl Razinkov <vasyl.razinkov@est.tech>
Change-Id: Iad407eb6c950e43e692830d595fdca680366e863
Issue-ID: SDC-4426

diff --git a/asdctool/pom.xml b/asdctool/pom.xml
index 6b40219..6e0bf5b 100644 (file)
--- a/asdctool/pom.xml
+++ b/asdctool/pom.xml
@@ -159,10 +159,13 @@
           <artifactId>log4j</artifactId>
           <groupId>log4j</groupId>
         </exclusion>
+        <exclusion>
+          <groupId>javax.servlet</groupId>
+          <artifactId>javax.servlet-api</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 
-
     <!-- ASDC dependencies end -->
     <dependency>
       <groupId>org.eclipse.jetty</groupId>
@@ -174,6 +177,10 @@
           <groupId>org.eclipse.jetty</groupId>
           <artifactId>jetty-http</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>javax.servlet</groupId>
+          <artifactId>javax.servlet-api</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 

diff --git a/catalog-be/pom.xml b/catalog-be/pom.xml
index 9e3e82f..49fd3df 100644 (file)
--- a/catalog-be/pom.xml
+++ b/catalog-be/pom.xml
@@ -116,6 +116,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -378,13 +382,6 @@
         </dependency>
         <!-- http client END -->
 
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${servlet-api.version}</version>
-            <scope>provided</scope>
-        </dependency>
-
         <dependency>
             <groupId>org.eclipse.jgit</groupId>
             <artifactId>org.eclipse.jgit</artifactId>
@@ -733,6 +730,10 @@
                     <artifactId>log4j</artifactId>
                     <groupId>log4j</groupId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
@@ -813,6 +814,10 @@
                     <groupId>javax.jms</groupId>
                     <artifactId>jms</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 
@@ -834,6 +839,10 @@
                     <artifactId>log4j</artifactId>
                     <groupId>log4j</groupId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
 

diff --git a/catalog-dao/pom.xml b/catalog-dao/pom.xml
index 72f41b7..08f16a6 100644 (file)
--- a/catalog-dao/pom.xml
+++ b/catalog-dao/pom.xml
@@ -50,6 +50,10 @@ Modifications copyright (c) 2018 Nokia
           <groupId>org.eclipse.jetty</groupId>
           <artifactId>jetty-http</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>javax.servlet</groupId>
+          <artifactId>javax.servlet-api</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>

diff --git a/catalog-fe/pom.xml b/catalog-fe/pom.xml
index 5f821fc..c869f85 100644 (file)
--- a/catalog-fe/pom.xml
+++ b/catalog-fe/pom.xml
@@ -40,6 +40,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -214,13 +218,6 @@
         </dependency>
         <!-- http client END -->
 
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${servlet-api.version}</version>
-            <scope>provided</scope>
-        </dependency>
-
         <!-- JSON and YAML Parsing -->
         <dependency>
             <groupId>com.fasterxml.jackson.dataformat</groupId>
@@ -349,6 +346,10 @@
                     <artifactId>log4j</artifactId>
                     <groupId>log4j</groupId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <!-- System metrics -->

diff --git a/catalog-model/pom.xml b/catalog-model/pom.xml
index 0d9e87a..e0dcc06 100644 (file)
--- a/catalog-model/pom.xml
+++ b/catalog-model/pom.xml
@@ -45,6 +45,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/common-app-api/pom.xml b/common-app-api/pom.xml
index dc1cc63..7f137ac 100644 (file)
--- a/common-app-api/pom.xml
+++ b/common-app-api/pom.xml
@@ -105,12 +105,6 @@
             <scope>provided</scope>
         </dependency>
 
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${servlet-api.version}</version>
-            <scope>provided</scope>
-        </dependency>
         <dependency>
             <groupId>org.hibernate.validator</groupId>
             <artifactId>hibernate-validator</artifactId>
@@ -394,6 +388,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
     </dependencies>

diff --git a/common-app-logging/pom.xml b/common-app-logging/pom.xml
index 605adf6..d01c470 100644 (file)
--- a/common-app-logging/pom.xml
+++ b/common-app-logging/pom.xml
@@ -13,12 +13,6 @@
   </parent>
 
   <dependencies>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <version>${servlet-api.version}</version>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>javax.ws.rs</groupId>
       <artifactId>javax.ws.rs-api</artifactId>
@@ -122,4 +116,4 @@
     </dependency>
   </dependencies>
 
-</project>
\ No newline at end of file
+</project>

diff --git a/common-be-tests-utils/pom.xml b/common-be-tests-utils/pom.xml
index ebc266d..aa67b00 100644 (file)
--- a/common-be-tests-utils/pom.xml
+++ b/common-be-tests-utils/pom.xml
@@ -47,6 +47,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/common-be/pom.xml b/common-be/pom.xml
index a432367..0a57575 100644 (file)
--- a/common-be/pom.xml
+++ b/common-be/pom.xml
@@ -51,6 +51,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml b/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml
index b197faa..f5ee116 100755 (executable)
--- a/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml
+++ b/common/onap-common-configuration-management/onap-configuration-management-core/pom.xml
@@ -101,11 +101,6 @@
       <artifactId>onap-configuration-management-api</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>
       <artifactId>jackson-annotations</artifactId>

diff --git a/integration-tests/pom.xml b/integration-tests/pom.xml
index 7c9798f..eea5c5a 100644 (file)
--- a/integration-tests/pom.xml
+++ b/integration-tests/pom.xml
@@ -291,6 +291,12 @@ limitations under the License.
             <artifactId>selenium-server</artifactId>
             <version>${selenium.version}</version>
             <scope>test</scope>
+            <exclusions>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
+            </exclusions>
         </dependency>
         <dependency>
             <groupId>org.seleniumhq.selenium</groupId>
@@ -365,6 +371,10 @@ limitations under the License.
                     <groupId>org.owasp.esapi</groupId>
                     <artifactId>esapi</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>

diff --git a/onboarding/pom.xml b/onboarding/pom.xml
index 204efd8..78c5c6b 100644 (file)
--- a/onboarding/pom.xml
+++ b/onboarding/pom.xml
@@ -80,7 +80,6 @@
         <zusammen-index-store.version>1.0.0</zusammen-index-store.version>
         <zusammen-common-utilities.version>1.0.3</zusammen-common-utilities.version>
         <build.tools.version>${project.version}</build.tools.version>
-        <javax.servlet.version>${servlet-api.version}</javax.servlet.version>
     </properties>
 
     <dependencyManagement>
@@ -197,8 +196,8 @@
                 <version>${aspectjrt.version}</version>
             </dependency>
             <dependency>
-                <groupId>javax.servlet</groupId>
-                <artifactId>javax.servlet-api</artifactId>
+                <groupId>jakarta.servlet</groupId>
+                <artifactId>jakarta.servlet-api</artifactId>
                 <version>${servlet-api.version}</version>
                 <scope>provided</scope>
             </dependency>

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml
index b46a136..5e84e58 100644 (file)
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/action-library-rest/action-library-rest-services/pom.xml
@@ -132,12 +132,6 @@
       <version>${jersey.multipart.version}</version>
       <scope>provided</scope>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <version>${servlet-api.version}</version>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>com.sun.activation</groupId>
       <artifactId>javax.activation</artifactId>

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml
index c2542ec..9c66307 100644 (file)
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/externaltesting-rest/externaltesting-rest-services/pom.xml
@@ -162,11 +162,6 @@
       <artifactId>openecomp-sdc-externaltesting-impl</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>com.sun.activation</groupId>
       <artifactId>javax.activation</artifactId>

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml
index f8d53a1..798f5f8 100644 (file)
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/notifications-fe/pom.xml
@@ -23,12 +23,6 @@
             <artifactId>openecomp-sdc-notification-websocket</artifactId>
             <version>${project.version}</version>
         </dependency>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${javax.servlet.version}</version>
-            <scope>provided</scope>
-        </dependency>
         <!-- JSON -->
         <dependency>
             <groupId>com.fasterxml.jackson.jaxrs</groupId>

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/pom.xml
index a739cd2..d5b543a 100644 (file)
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/onboarding-rest-war/pom.xml
@@ -100,12 +100,6 @@
             <artifactId>metrics-rest</artifactId>
             <version>${project.version}</version>
         </dependency>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${servlet-api.version}</version>
-            <scope>provided</scope>
-        </dependency>
         <!-- JSON -->
         <dependency>
             <groupId>com.fasterxml.jackson.jaxrs</groupId>

diff --git a/openecomp-be/api/openecomp-sdc-rest-webapp/openecomp-sdc-common-rest/pom.xml b/openecomp-be/api/openecomp-sdc-rest-webapp/openecomp-sdc-common-rest/pom.xml
index 4f53c43..27007e3 100644 (file)
--- a/openecomp-be/api/openecomp-sdc-rest-webapp/openecomp-sdc-common-rest/pom.xml
+++ b/openecomp-be/api/openecomp-sdc-rest-webapp/openecomp-sdc-common-rest/pom.xml
@@ -74,12 +74,6 @@
       <artifactId>openecomp-session-lib</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <version>${javax.servlet.version}</version>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>org.glassfish.jersey.core</groupId>
       <artifactId>jersey-common</artifactId>

diff --git a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
index 3ae70db..53aeedc 100644 (file)
--- a/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
+++ b/openecomp-be/backend/openecomp-sdc-security-util/pom.xml
@@ -67,12 +67,6 @@
             <version>${commons-codec}</version>
         </dependency>
 
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${javax.servlet.version}</version>
-        </dependency>
-
     </dependencies>
 
 </project>

diff --git a/openecomp-be/lib/openecomp-common-lib/pom.xml b/openecomp-be/lib/openecomp-common-lib/pom.xml
index 5665dad..fffee50 100644 (file)
--- a/openecomp-be/lib/openecomp-common-lib/pom.xml
+++ b/openecomp-be/lib/openecomp-common-lib/pom.xml
@@ -35,12 +35,6 @@
       <artifactId>openecomp-sdc-datatypes-lib</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <version>${servlet-api.version}</version>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>javax.inject</groupId>
       <artifactId>javax.inject</artifactId>

diff --git a/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml b/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml
index 409e669..f65f37d 100644 (file)
--- a/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml
+++ b/openecomp-be/lib/openecomp-core-lib/openecomp-utilities-lib/pom.xml
@@ -113,6 +113,10 @@
           <groupId>org.eclipse.jetty</groupId>
           <artifactId>jetty-http</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>javax.servlet</groupId>
+          <artifactId>javax.servlet-api</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
     <dependency>

diff --git a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml
index 3f3696e..cbe2dec 100644 (file)
--- a/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml
+++ b/openecomp-be/lib/openecomp-item-permissions-lib/openecomp-item-permissions-core/pom.xml
@@ -30,12 +30,6 @@
   <artifactId>openecomp-item-permissions-core</artifactId>
 
   <dependencies>
-
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>javax.ws.rs</groupId>
       <artifactId>javax.ws.rs-api</artifactId>

diff --git a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-api/pom.xml b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-api/pom.xml
index 5a95302..726127b 100644 (file)
--- a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-api/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-api/pom.xml
@@ -20,12 +20,6 @@
       <version>${ws.rs.version}</version>
       <scope>provided</scope>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <version>${servlet-api.version}</version>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>org.projectlombok</groupId>
       <artifactId>lombok</artifactId>

diff --git a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-spring/pom.xml b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-spring/pom.xml
index 33925e8..beee2c0 100644 (file)
--- a/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-spring/pom.xml
+++ b/openecomp-be/lib/openecomp-sdc-logging-lib/openecomp-sdc-logging-spring/pom.xml
@@ -34,11 +34,6 @@
       <artifactId>openecomp-sdc-logging-api</artifactId>
       <version>${project.version}</version>
     </dependency>
-    <dependency>
-      <groupId>javax.servlet</groupId>
-      <artifactId>javax.servlet-api</artifactId>
-      <scope>provided</scope>
-    </dependency>
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>

diff --git a/pom.xml b/pom.xml
index 0f8b970..a211a0d 100644 (file)
--- a/pom.xml
+++ b/pom.xml
@@ -56,7 +56,7 @@ Modifications copyright (c) 2018-2019 Nokia
         <jakarta.el.version>3.0.4</jakarta.el.version>
 
         <netty.version>4.1.77.Final</netty.version>
-        <servlet-api.version>4.0.1</servlet-api.version>
+        <servlet-api.version>4.0.4</servlet-api.version>
         <wire-mock.version>2.26.3</wire-mock.version>
         <ecomp.version>3.4.0</ecomp.version>
         <cassandra.unit.version>4.3.1.0</cassandra.unit.version>
@@ -79,7 +79,6 @@ Modifications copyright (c) 2018-2019 Nokia
         <commons.collections.version>4.3</commons.collections.version>
         <ws.rs.version>2.1.1</ws.rs.version>
         <javax.validation.version>2.0.1.Final</javax.validation.version>
-        <javax.servlet.version>${servlet-api.version}</javax.servlet.version>
 
         <jetty.version>9.4.49.v20220914</jetty.version>
         <jetty-distribution.version>${jetty.version}</jetty-distribution.version>
@@ -378,9 +377,10 @@ Modifications copyright (c) 2018-2019 Nokia
                 </exclusion>
             </exclusions>
         </dependency>
+        <!-- https://mvnrepository.com/artifact/jakarta.servlet/jakarta.servlet-api -->
         <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
+            <groupId>jakarta.servlet</groupId>
+            <artifactId>jakarta.servlet-api</artifactId>
             <version>${servlet-api.version}</version>
             <scope>provided</scope>
         </dependency>

diff --git a/utils/webseal-simulator/pom.xml b/utils/webseal-simulator/pom.xml
index 1ed09f6..d9790e4 100644 (file)
--- a/utils/webseal-simulator/pom.xml
+++ b/utils/webseal-simulator/pom.xml
@@ -37,6 +37,10 @@
                     <groupId>org.eclipse.jetty</groupId>
                     <artifactId>jetty-http</artifactId>
                 </exclusion>
+                <exclusion>
+                    <groupId>javax.servlet</groupId>
+                    <artifactId>javax.servlet-api</artifactId>
+                </exclusion>
             </exclusions>
         </dependency>
         <dependency>
@@ -63,11 +67,6 @@
                 </exclusion>
             </exclusions>
         </dependency>
-        <dependency>
-            <groupId>javax.servlet</groupId>
-            <artifactId>javax.servlet-api</artifactId>
-            <version>${javax.servlet.version}</version>
-        </dependency>
 
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>