From eff57fb3d84cc4c1d679c6397f46319c50de82cb Mon Sep 17 00:00:00 2001
From: Ila Patel <137802184+patelila@users.noreply.github.com>
Date: Mon, 1 Jul 2024 10:53:37 +0100
Subject: [PATCH] CCD-5193 CVE-2022-45047 - All CCD repos (#292)

* remooved CVE-2022-45047

* spring boot vesion from 3.0 to 3.1

* revert change

* revert change

* spring-cloud version change
---
 build.gradle                  | 6 +++---
 config/owasp/suppressions.xml | 2 --
 2 files changed, 3 insertions(+), 5 deletions(-)

diff --git a/build.gradle b/build.gradle
index 6813a03e..bf56e4ed 100644
--- a/build.gradle
+++ b/build.gradle
@@ -231,9 +231,9 @@ dependencies {
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-client'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-cache'
   implementation group: 'org.springframework.boot', name: 'spring-boot-starter-oauth2-resource-server'
-  implementation group: 'org.springframework.cloud', name: 'spring-cloud-config-server', version: '3.1.7'
-  implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-config', version: '3.1.7'
-  implementation group: 'org.springframework.cloud', name: 'spring-cloud-config-client', version: '3.1.7'
+  implementation group: 'org.springframework.cloud', name: 'spring-cloud-config-server', version: '4.0.5'
+  implementation group: 'org.springframework.cloud', name: 'spring-cloud-starter-config', version: '4.0.5'
+  implementation group: 'org.springframework.cloud', name: 'spring-cloud-config-client', version: '4.0.5'
   implementation group: 'org.springframework.security', name: 'spring-security-web'
   implementation group: 'org.springframework.security', name: 'spring-security-oauth2-jose'
   implementation group: 'org.springframework.security', name: 'spring-security-config'
diff --git a/config/owasp/suppressions.xml b/config/owasp/suppressions.xml
index 4abda524..ce4eae77 100644
--- a/config/owasp/suppressions.xml
+++ b/config/owasp/suppressions.xml
@@ -6,7 +6,6 @@
         CVE-2023-4759 refer [Ticket]
         CVE-2024-1597 refer [Ticket]
         CVE-2023-34055 refer [Ticket]
-        CVE-2022-45047 refer [Ticket]
         CVE-2023-48795 refer [Ticket]
         CVE-2023-35887 refer [Ticket]
         CVE-2023-46589 refer [Ticket]</notes>
@@ -15,7 +14,6 @@
     <cve>CVE-2023-4759</cve>
     <cve>CVE-2024-1597</cve>
     <cve>CVE-2023-34055</cve>
-    <cve>CVE-2022-45047</cve>
     <cve>CVE-2023-48795</cve>
     <cve>CVE-2023-35887</cve>
     <cve>CVE-2023-46589</cve>