From 68e8a4118ea322a58c27a6cf8acff85308d9b1c1 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 2 Feb 2026 23:29:48 +0000
Subject: [PATCH] fix: todolist-goof/todolist-web-common/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://dev.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015
- https://dev.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-472711
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-31507
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-32043
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-568162
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72445
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72446
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72447
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72882
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72883
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72884
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-31573
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-32044
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-569100
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-12009535
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-12010004
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-31519
- https://dev.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-31520
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-30098
---
 todolist-goof/todolist-web-common/pom.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/todolist-goof/todolist-web-common/pom.xml b/todolist-goof/todolist-web-common/pom.xml
index 1e45357265..6c31d794d4 100644
--- a/todolist-goof/todolist-web-common/pom.xml
+++ b/todolist-goof/todolist-web-common/pom.xml
@@ -21,12 +21,12 @@
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-core</artifactId>
-            <version>2.6.5</version>
+            <version>2.12.6</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
             <artifactId>jackson-databind</artifactId>
-            <version>2.6.5</version>
+            <version>2.12.6.1</version>
         </dependency>
         <dependency>
             <groupId>com.fasterxml.jackson.core</groupId>
@@ -59,14 +59,14 @@
         <dependency>
             <groupId>org.hibernate</groupId>
             <artifactId>hibernate-validator</artifactId>
-            <version>4.3.1.Final</version>
+            <version>6.0.19.Final</version>
         </dependency>
 
         <!--vulnerable commons collections (deserialization) -->
         <dependency>
             <groupId>commons-collections</groupId>
             <artifactId>commons-collections</artifactId>
-            <version>3.1</version>
+            <version>3.2.2</version>
         </dependency>
 
     </dependencies>