Skip to content

Commit 47355ff

Browse files
Copilothengyunabc
andcommitted
fix(tunnel-server): override vulnerable spring security and tomcat versions
Co-authored-by: hengyunabc <1683936+hengyunabc@users.noreply.github.com>
1 parent 3e9c2db commit 47355ff

File tree

1 file changed

+27
-0
lines changed

1 file changed

+27
-0
lines changed

tunnel-server/pom.xml

Lines changed: 27 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,8 @@
1515
<maven.compiler.target>1.8</maven.compiler.target>
1616
<maven.compiler.source>1.8</maven.compiler.source>
1717
<java.version>1.8</java.version>
18+
<spring-security.version>5.8.16</spring-security.version>
19+
<tomcat-embed-core.version>9.0.98</tomcat-embed-core.version>
1820
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
1921
<project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
2022
</properties>
@@ -36,6 +38,31 @@
3638
<type>pom</type>
3739
<scope>import</scope>
3840
</dependency>
41+
<dependency>
42+
<groupId>org.apache.tomcat.embed</groupId>
43+
<artifactId>tomcat-embed-core</artifactId>
44+
<version>${tomcat-embed-core.version}</version>
45+
</dependency>
46+
<dependency>
47+
<groupId>org.springframework.security</groupId>
48+
<artifactId>spring-security-config</artifactId>
49+
<version>${spring-security.version}</version>
50+
</dependency>
51+
<dependency>
52+
<groupId>org.springframework.security</groupId>
53+
<artifactId>spring-security-web</artifactId>
54+
<version>${spring-security.version}</version>
55+
</dependency>
56+
<dependency>
57+
<groupId>org.springframework.security</groupId>
58+
<artifactId>spring-security-core</artifactId>
59+
<version>${spring-security.version}</version>
60+
</dependency>
61+
<dependency>
62+
<groupId>org.springframework.security</groupId>
63+
<artifactId>spring-security-crypto</artifactId>
64+
<version>${spring-security.version}</version>
65+
</dependency>
3966
</dependencies>
4067
</dependencyManagement>
4168

0 commit comments

Comments
 (0)