From 5b7c21ec4a7604cb8718dbd62fa31497aa311305 Mon Sep 17 00:00:00 2001
From: "lineaje-autofix[bot]" <lineaje-autofix@lineaje.com>
Date: Wed, 13 Aug 2025 17:23:41 +0000
Subject: [PATCH 1/3] [lineaje] Update
 com.fasterxml.jackson.core:jackson-databind:2.12.3 to 2.12.7.1

Fixes CVEs - CVE-2020-36518,CVE-2021-46877,CVE-2022-42003,CVE-2022-42004
---
 pom.xml | 12 +++---------
 1 file changed, 3 insertions(+), 9 deletions(-)

diff --git a/pom.xml b/pom.xml
index 7f8c9c7..4ddd094 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1,17 +1,12 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0"
-         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
-         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+<?xml version="1.0" encoding="UTF-8"?><project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
-
     <groupId>com.example</groupId>
     <artifactId>my-app</artifactId>
     <version>1.0-SNAPSHOT</version>
-
     <properties>
         <maven.compiler.source>1.8</maven.compiler.source>
         <maven.compiler.target>1.8</maven.compiler.target>
     </properties>
-
     <dependencies>
         <dependency>
             <groupId>junit</groupId>
@@ -27,7 +22,7 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.12.3</version>
+            <version>2.12.7.1</version>
         </dependency>
         <dependency>
             <groupId>org.apache.commons</groupId>
@@ -170,7 +165,6 @@
             <version>3.1</version>
         </dependency>
     </dependencies>
-
     <build>
         <plugins>
             <plugin>
@@ -184,4 +178,4 @@
             </plugin>
         </plugins>
     </build>
-</project>
+</project>
\ No newline at end of file

From 813e4626215d4dee30ba1bd03596b9b3494f4266 Mon Sep 17 00:00:00 2001
From: "lineaje-autofix[bot]" <lineaje-autofix@lineaje.com>
Date: Wed, 13 Aug 2025 17:25:16 +0000
Subject: [PATCH 2/3] [lineaje] Update org.springframework:spring-core:5.3.9 to
 5.2.19

Fixes CVEs - CVE-2021-22060,CVE-2021-22096
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 4ddd094..4369266 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,7 +17,7 @@
         <dependency>
             <groupId>org.springframework</groupId>
             <artifactId>spring-core</artifactId>
-            <version>5.3.9</version>
+            <version>5.2.19</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>

From 19ed283ad3aea2b901b5d6296fc8031b5b43a455 Mon Sep 17 00:00:00 2001
From: "lineaje-autofix[bot]" <lineaje-autofix@lineaje.com>
Date: Wed, 13 Aug 2025 17:26:52 +0000
Subject: [PATCH 3/3] [lineaje] Update
 org.apache.logging.log4j:log4j-core:2.14.1 to 2.12.2

Fixes CVEs - CVE-2021-44228,CVE-2021-44832,CVE-2021-45046,CVE-2021-45105
---
 pom.xml | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/pom.xml b/pom.xml
index 4369266..fbfa366 100644
--- a/pom.xml
+++ b/pom.xml
@@ -32,7 +32,7 @@
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>
             <artifactId>log4j-core</artifactId>
-            <version>2.14.1</version>
+            <version>2.15.0</version>
         </dependency>
         <dependency>
             <groupId>org.apache.logging.log4j</groupId>