From 31c268b55eb05df1e16f70ec2ea298ae570a2124 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Tue, 6 Aug 2024 03:41:36 +0000
Subject: [PATCH] fix: backend/src-common/pom.xml & pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-1048058
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30646
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-30647
- https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEHTTPCOMPONENTS-31517
- https://snyk.io/vuln/SNYK-JAVA-ORGJSON-5962464
---
 backend/src-common/pom.xml | 2 +-
 pom.xml                    | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/backend/src-common/pom.xml b/backend/src-common/pom.xml
index 5462fd0509..2fa8d657e7 100644
--- a/backend/src-common/pom.xml
+++ b/backend/src-common/pom.xml
@@ -40,7 +40,7 @@
         <dependency>
             <groupId>org.apache.httpcomponents</groupId>
             <artifactId>httpmime</artifactId>
-            <version>4.3.3</version>
+            <version>4.5.13</version>
         </dependency>
         <dependency>
             <groupId>org.spdx</groupId>
diff --git a/pom.xml b/pom.xml
index ecd339ae2d..087174b668 100644
--- a/pom.xml
+++ b/pom.xml
@@ -137,7 +137,7 @@
     <mockito.version>4.7.0</mockito.version>
     <okhttp.version>4.10.0</okhttp.version>
     <org.spdx.java.spdx.library.version>1.1.1</org.spdx.java.spdx.library.version>
-    <org.spdx.tools.java.version>1.1.5</org.spdx.tools.java.version>
+    <org.spdx.tools.java.version>1.1.8</org.spdx.tools.java.version>
     <package-url.version>1.4.1</package-url.version>
     <poi.version>4.1.2</poi.version>
     <project-lombok.version>1.18.24</project-lombok.version>