[USPR-XXXX] fix dependabot 42,43,44 (#350)

juliocastrodev · web-flow · commit 6e8ec0936c2e · 2026-04-27T10:22:57.000+02:00
diff --git a/build.gradle b/build.gradle
@@ -30,6 +30,11 @@ subprojects {
                 useVersion('3.1.1')
                 because('GHSA-2m67-wjpj-xhg9: Jackson Core 3.0.0-3.1.0 maxDocumentLength bypass')
             }
+            if (requested.group == 'org.apache.tomcat.embed' && requested.name == 'tomcat-embed-core'
+                    && requested.version != null && requested.version < '11.0.21') {
+                useVersion('11.0.21')
+                because('GHSA-rv64-5gf8-9qq8 / GHSA-x4m4-345f-5h5g / GHSA-24j9-x2wg-9qv6: Apache Tomcat < 11.0.21 vulnerabilities')
+            }
         }
     }
 

Original file line number	Diff line number	Diff line change
`@@ -30,6 +30,11 @@ subprojects {`
`30`	`30`	`useVersion('3.1.1')`
`31`	`31`	`because('GHSA-2m67-wjpj-xhg9: Jackson Core 3.0.0-3.1.0 maxDocumentLength bypass')`
`32`	`32`	`}`
	`33`	`+ if (requested.group == 'org.apache.tomcat.embed' && requested.name == 'tomcat-embed-core'`
	`34`	`+ && requested.version != null && requested.version < '11.0.21') {`
	`35`	`+ useVersion('11.0.21')`
	`36`	`+ because('GHSA-rv64-5gf8-9qq8 / GHSA-x4m4-345f-5h5g / GHSA-24j9-x2wg-9qv6: Apache Tomcat < 11.0.21 vulnerabilities')`
	`37`	`+ }`
`33`	`38`	`}`
`34`	`39`	`}`
`35`	`40`