[Snyk] Fix for 10 vulnerabilities

[Sonic269]

Snyk has created this PR to fix 10 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-IONETTY-11799531	721	software.amazon.awssdk:sts: 2.21.42 -> 2.32.31 No Known Exploit
	Improper Resource Shutdown or Release SNYK-JAVA-ORGAPACHETOMCATEMBED-11799152	721	No Known Exploit
	Relative Path Traversal SNYK-JAVA-ORGSPRINGFRAMEWORK-12008931	696	No Known Exploit
	Uncontrolled Recursion SNYK-JAVA-COMNIMBUSDS-10691768	666	Proof of Concept
	Uncontrolled Recursion SNYK-JAVA-ORGAPACHECOMMONS-10734078	654	org.springdoc:springdoc-openapi-starter-webmvc-ui: 2.3.0 -> 2.8.10 No Known Exploit
	Session Fixation SNYK-JAVA-ORGAPACHETOMCATEMBED-11798986	631	No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGBOUNCYCASTLE-11777846	601	org.linguafranca.pwdb:KeePassJava2: 2.2.1 -> 2.2.2 org.owasp:dependency-check-maven: 8.2.1 -> 11.0.0 Major version upgrade No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGBOUNCYCASTLE-11789695	601	No Known Exploit
	HTTP Response Splitting SNYK-JAVA-ORGSPRINGFRAMEWORK-10345766	439	No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-10176071	329	No Known Exploit

Vulnerabilities that could not be fixed

• Upgrade:
  • Could not upgrade com.azure.spring:spring-cloud-azure-starter-keyvault-secrets@5.7.0 to com.azure.spring:spring-cloud-azure-starter-keyvault-secrets@5.23.0; Reason could not apply upgrade, dependency is managed externally ; Location: provenance does not contain location
• Could not upgrade org.springframework.boot:spring-boot-starter-web@3.2.0 to org.springframework.boot:spring-boot-starter-web@3.4.9; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.0/spring-boot-dependencies-3.2.0.pom
• Could not upgrade org.springframework.cloud:spring-cloud-starter-vault-config@4.1.0 to org.springframework.cloud:spring-cloud-starter-vault-config@4.2.0; Reason could not apply upgrade, dependency is managed externally ; Location: provenance does not contain location
• Could not upgrade org.springframework.cloud:spring-cloud-vault-config@4.1.0 to org.springframework.cloud:spring-cloud-vault-config@4.2.2; Reason could not apply upgrade, dependency is managed externally ; Location: provenance does not contain location
• Could not upgrade org.springframework.security:spring-security-config@6.2.0 to org.springframework.security:spring-security-config@6.4.9; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.0/spring-boot-dependencies-3.2.0.pom
• Could not upgrade org.springframework.security:spring-security-web@6.2.0 to org.springframework.security:spring-security-web@6.4.9; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.2.0/spring-boot-dependencies-3.2.0.pom

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling
🦉 Relative Path Traversal