[Snyk] Fix for 34 vulnerabilities

[snyk-bot]

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • pom.xml

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity
	489/1000 Why? Has a fix available, CVSS 5.5	Information Disclosure SNYK-JAVA-COMGOOGLEGUAVA-1015415	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	509/1000 Why? Has a fix available, CVSS 5.9	Deserialization of Untrusted Data SNYK-JAVA-COMGOOGLEGUAVA-32236	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	876/1000 Why? Mature exploit, Has a fix available, CVSS 9.8	Deserialization of Untrusted Data SNYK-JAVA-COMMONSCOLLECTIONS-30078	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Mature
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Deserialization of Untrusted Data SNYK-JAVA-COMMONSCOLLECTIONS-472711	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	751/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 8.6	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1040458	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Arbitrary File Deletion SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051966	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	694/1000 Why? Mature exploit, Has a fix available, CVSS 5.3	Server-Side Request Forgery (SSRF) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1051967	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Mature
	611/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.8	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088328	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088329	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088330	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	776/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 9.1	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088331	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088332	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088333	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088334	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088335	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	626/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.1	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088336	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	696/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 7.5	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088337	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	586/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.3	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1088338	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	631/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.2	Deserialization of Untrusted Data SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-1294540	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	589/1000 Why? Has a fix available, CVSS 7.5	XML External Entity (XXE) Injection SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-30385	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	589/1000 Why? Has a fix available, CVSS 7.5	Denial of Service (DoS) SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-31394	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	561/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 4.8	Insecure XML deserialization SNYK-JAVA-COMTHOUGHTWORKSXSTREAM-460764	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	Proof of Concept
	479/1000 Why? Has a fix available, CVSS 5.3	JSM bypass via ReflectionHelper SNYK-JAVA-ORGHIBERNATE-30098	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	479/1000 Why? Has a fix available, CVSS 5.3	Improper Input Validation SNYK-JAVA-ORGHIBERNATE-568162	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	550/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGHIBERNATE-569100	com.netflix.eureka:eureka-client: 1.1.135 -> 1.10.15 com.netflix.eureka:eureka-core: 1.1.135 -> 1.10.15	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-451160	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-451162	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-451164	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-451168	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	No Known Exploit
	539/1000 Why? Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-479505	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	No Known Exploit
	601/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 5.6	Prototype Pollution SNYK-JAVA-ORGWEBJARS-479774	org.webjars:bootstrap: 3.2.0 -> 4.5.0	No	Proof of Concept
	484/1000 Why? Has a fix available, CVSS 5.4	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-479782	org.webjars:bootstrap: 3.2.0 -> 4.5.0	Yes	No Known Exploit
	636/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.3	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-565171	org.webjars:bootstrap: 3.2.0 -> 4.5.0	Yes	Proof of Concept
	646/1000 Why? Proof of Concept exploit, Has a fix available, CVSS 6.5	Cross-site Scripting (XSS) SNYK-JAVA-ORGWEBJARS-567882	org.webjars:bootstrap: 3.2.0 -> 4.5.0	Yes	Proof of Concept

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic