[Snyk] Fix for 2 vulnerabilities

[pethers]

Snyk has created this PR to fix 2 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• parent-pom/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230364	40	org.springframework.security:spring-security-config: 5.8.16 -> 6.2.7 org.springframework:spring-context-support: 5.3.39 -> 6.1.14 Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365	40	org.springframework.security:spring-security-config: 5.8.16 -> 6.2.7 org.springframework:spring-aop: 5.3.39 -> 6.1.14 org.springframework:spring-context-support: 5.3.39 -> 6.1.14 org.springframework:spring-expression: 5.3.39 -> 6.1.14 org.springframework:spring-jdbc: 5.3.39 -> 6.1.14 org.springframework:spring-orm: 5.3.39 -> 6.1.14 Major version upgrade No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

[github-actions]

Dependency Review

✅ No vulnerabilities or license issues or OpenSSF Scorecard issues found.

Snapshot Warnings

⚠️: No snapshots were found for the head SHA a69db94.

Ensure that dependencies are being submitted on PR branches and consider enabling retry-on-snapshot-warnings. See the documentation for more information and troubleshooting advice.

OpenSSF Scorecard

Package	Version	Score	Details
maven/org.springframework:spring-aspects	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-beans	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-context	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-context-support	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-expression	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-jdbc	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-orm	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-oxm	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed
maven/org.springframework:spring-test	6.1.14	🟢 6.2	Details Check Score Reason Code-Review ⚠️ 0 Found 0/30 approved changesets -- score normalized to 0 Maintained 🟢 10 30 commit(s) and 14 issue activity found in the last 90 days -- score normalized to 10 CII-Best-Practices ⚠️ 0 no effort to earn an OpenSSF best practices badge detected License 🟢 10 license file detected Signed-Releases ⚠️ -1 no releases found Dangerous-Workflow 🟢 10 no dangerous workflow patterns detected Packaging ⚠️ -1 packaging workflow not detected Branch-Protection 🟢 3 branch protection is not maximal on development and all release branches Security-Policy 🟢 10 security policy file detected Token-Permissions ⚠️ 0 detected GitHub workflow tokens with excessive permissions SAST ⚠️ 0 no SAST tool detected Vulnerabilities 🟢 10 0 existing vulnerabilities detected Pinned-Dependencies 🟢 6 dependency not pinned by hash detected -- score normalized to 6 Binary-Artifacts 🟢 9 binaries present in source code Fuzzing 🟢 10 project is fuzzed

Scanned Files

• parent-pom/pom.xml