From 5b7d12754ff87806b7f5c94241e4f13bbbb9501d Mon Sep 17 00:00:00 2001 From: Max Brauer Date: Thu, 18 Dec 2025 11:47:58 +0100 Subject: [PATCH 1/2] fix(deps): upgrade mssql-jdbc to 12.8.2.jre11 Addresses [CVE-2025-59250](https://nvd.nist.gov/vuln/detail/CVE-2025-59250) Signed-off-by: Max Brauer --- applications/stream-applications-core/pom.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/applications/stream-applications-core/pom.xml b/applications/stream-applications-core/pom.xml index 6ee9b7cd2..7ce56fc81 100644 --- a/applications/stream-applications-core/pom.xml +++ b/applications/stream-applications-core/pom.xml @@ -32,6 +32,9 @@ 9.43.6 9.37.4 + + 12.8.2.jre11 + @@ -56,6 +59,11 @@ mockserver-netty ${mockserver.version} + + com.microsoft.sqlserver + mssql-jdbc + ${mssql-jdbc.version} + @@ -165,6 +173,11 @@ pom import + + com.microsoft.sqlserver + mssql-jdbc + ${mssql-jdbc.version} + From 2ad670957360039c4a4ff5078431910358955115 Mon Sep 17 00:00:00 2001 From: Max Brauer Date: Thu, 18 Dec 2025 11:50:11 +0100 Subject: [PATCH 2/2] fix(deps): upgrade lz4-java to 1.8.1 Addresses [CVE-2025-12183](https://nvd.nist.gov/vuln/detail/CVE-2025-12183) Signed-off-by: Max Brauer --- applications/stream-applications-core/pom.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) diff --git a/applications/stream-applications-core/pom.xml b/applications/stream-applications-core/pom.xml index 7ce56fc81..5fc5518d5 100644 --- a/applications/stream-applications-core/pom.xml +++ b/applications/stream-applications-core/pom.xml @@ -35,6 +35,9 @@ 12.8.2.jre11 + + 1.8.1 + @@ -64,6 +67,11 @@ mssql-jdbc ${mssql-jdbc.version} + + org.lz4 + lz4-java + ${lz4-java.version} + @@ -178,6 +186,11 @@ mssql-jdbc ${mssql-jdbc.version} + + org.lz4 + lz4-java + ${lz4-java.version} +