[Snyk] Security upgrade com.alibaba.otter:canal.protocol from 1.1.5 to 3.0.0

[pushkala-datastax]

Snyk has created this PR to fix 17 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• pulsar-io/canal/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Improper Validation of Certificate with Host Mismatch SNYK-JAVA-ORGAPACHEZOOKEEPER-15456215	701	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Uncontrolled Recursion SNYK-JAVA-COMMONSLANG-10734077	654	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Incorrect Authorization SNYK-JAVA-ORGSPRINGFRAMEWORK-12817817	649	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Insertion of Sensitive Information into Log File SNYK-JAVA-ORGAPACHEZOOKEEPER-15443353	641	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Authorization Bypass Through User-Controlled Key SNYK-JAVA-ORGAPACHEZOOKEEPER-5961102	619	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-CHQOSLOGBACK-6094942	569	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-CHQOSLOGBACK-6094943	569	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JAVA-CHQOSLOGBACK-6097492	569	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Uncontrolled Resource Consumption ('Resource Exhaustion') SNYK-JAVA-CHQOSLOGBACK-6097493	569	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Information Exposure SNYK-JAVA-ORGAPACHEZOOKEEPER-6447882	539	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	External Initialization of Trusted Variables or Data Stores SNYK-JAVA-CHQOSLOGBACK-13169722	509	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Improper Neutralization of Special Elements SNYK-JAVA-CHQOSLOGBACK-8539866	509	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Improper Neutralization of Special Elements SNYK-JAVA-CHQOSLOGBACK-8539867	509	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Server-side Request Forgery (SSRF) SNYK-JAVA-CHQOSLOGBACK-8539865	334	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230364	329	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	Improper Handling of Case Sensitivity SNYK-JAVA-ORGSPRINGFRAMEWORK-8230365	329	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit
	External Initialization of Trusted Variables or Data Stores SNYK-JAVA-CHQOSLOGBACK-15062482	304	com.alibaba.otter:canal.protocol: 1.1.5 -> 3.0.0 Major version upgrade No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Denial of Service (DoS)
🦉 Server-side Request Forgery (SSRF)
🦉 Insertion of Sensitive Information into Log File
🦉 More lessons are available in Snyk Learn