Skip to content

Commit 433959c

Browse files
Aman-Mittaladamsaghy
Aman-Mittal
authored and
adamsaghy
committed
FINERACT-2421: Bump - org.apache.tomcat.embed:tomcat-embed-core CVE-2025-61795 
1 parent 5f2f096 commit 433959c

File tree

4 files changed

+7
-3
lines changed

4 files changed

+7
-3
lines changed

buildSrc/src/main/groovy/org.apache.fineract.dependencies.gradle

Lines changed: 4 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -279,5 +279,9 @@ dependencyManagement {
279279
dependency 'io.netty:netty-codec-http:4.1.129.Final'
280280
// Force lz4-java version: CVE-2025-12183
281281
dependency 'at.yawk.lz4:lz4-java:1.10.1'
282+
// Force tomcat-embed-core version: CVE-2025-24813
283+
dependency 'org.apache.tomcat.embed:tomcat-embed-core:10.1.47'
284+
dependency 'org.apache.tomcat.embed:tomcat-embed-el:10.1.47'
285+
dependency 'org.apache.tomcat.embed:tomcat-embed-websocket:10.1.47'
282286
}
283287
}

integration-tests/dependencies.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ dependencies {
2020
// testCompile dependencies are ONLY used in src/test, not src/main.
2121
// Do NOT repeat dependencies which are ALREADY in implementation or runtimeOnly!
2222
//
23-
tomcat 'org.apache.tomcat:tomcat:10.1.45@zip'
23+
tomcat 'org.apache.tomcat:tomcat:10.1.47@zip'
2424
def providerMainOutput = project(':fineract-provider').extensions.getByType(SourceSetContainer).named('main').get().output
2525
testImplementation( providerMainOutput,
2626
project(path: ':fineract-core', configuration: 'runtimeElements'),

oauth2-tests/dependencies.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ dependencies {
2020
// testCompile dependencies are ONLY used in src/test, not src/main.
2121
// Do NOT repeat dependencies which are ALREADY in implementation or runtimeOnly!
2222
//
23-
tomcat 'org.apache.tomcat:tomcat:10.1.45@zip'
23+
tomcat 'org.apache.tomcat:tomcat:10.1.47@zip'
2424
testImplementation( files("$rootDir/fineract-provider/build/classes/java/main/"),
2525
project(path: ':fineract-provider', configuration: 'runtimeElements'),
2626
'org.junit.jupiter:junit-jupiter-api',

twofactor-tests/dependencies.gradle

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -20,7 +20,7 @@ dependencies {
2020
// testCompile dependencies are ONLY used in src/test, not src/main.
2121
// Do NOT repeat dependencies which are ALREADY in implementation or runtimeOnly!
2222
//
23-
tomcat 'org.apache.tomcat:tomcat:10.1.45@zip'
23+
tomcat 'org.apache.tomcat:tomcat:10.1.47@zip'
2424
testImplementation( files("$rootDir/fineract-provider/build/classes/java/main/"),
2525
project(path: ':fineract-provider', configuration: 'runtimeElements'),
2626
'org.junit.jupiter:junit-jupiter-api',

0 commit comments

Comments
 (0)