[Snyk] Security upgrade org.springframework.security:spring-security-crypto from 5.8.12 to 6.3.8

[smaring]

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• extensions/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Authentication Bypass by Primary Weakness SNYK-JAVA-ORGSPRINGFRAMEWORKSECURITY-9486467	215	org.springframework.security:spring-security-crypto: 5.8.12 -> 6.3.8 Major version upgrade No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[hitachivantarasonarqube]

Analysis Details

0 Issues

• 0 Bugs
• 0 Vulnerabilities
• 0 Code Smells

Coverage and Duplications

• No coverage information (33.70% Estimated after merge)
• 0.00% Duplicated Code (3.40% Estimated after merge)

Project ID: pentaho:pentaho-platform-ce-parent

View in SonarQube

[buildguy]

Note:

---

Frogbot also supports Contextual Analysis, Secret Detection, IaC and SAST Vulnerabilities Scanning. This features are included as part of the JFrog Advanced Security package, which isn't enabled on your system.

---

🐸 JFrog Frogbot

[buildguy]

✅ Build finished in 30m 52s

Build command:

mvn clean verify -B -e -Daudit -Djs.no.sandbox -pl extensions

---

👌 All tests passed!

Tests run: 1561, Failures: 0, Skipped: 1    Test Results

---

ℹ️ This is an automatic message