From 1931744f659b81c284cf663995d82bd84aa0adac Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Sat, 24 Jan 2026 03:18:38 +0000
Subject: [PATCH] fix: pom.xml & spring-exceptions/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JAVA-ORGHIBERNATE-15038759
- https://snyk.io/vuln/SNYK-JAVA-CHQOSLOGBACK-15062482
---
 pom.xml                   | 2 +-
 spring-exceptions/pom.xml | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 0fb651ed3482..d1255855418e 100644
--- a/pom.xml
+++ b/pom.xml
@@ -1295,7 +1295,7 @@
 
         <!-- logging -->
         <org.slf4j.version>1.7.32</org.slf4j.version>
-        <logback.version>1.2.7</logback.version>
+        <logback.version>1.5.25</logback.version>
 
         <!-- plugins -->
         <maven-surefire-plugin.version>2.22.2</maven-surefire-plugin.version>
diff --git a/spring-exceptions/pom.xml b/spring-exceptions/pom.xml
index 0621009bddaf..ae1f02011b6a 100644
--- a/spring-exceptions/pom.xml
+++ b/spring-exceptions/pom.xml
@@ -161,7 +161,7 @@
         <org.springframework.security.version>4.2.0.RELEASE</org.springframework.security.version>
         <javassist.version>3.21.0-GA</javassist.version>
         <!-- persistence -->
-        <hibernate.version>5.2.5.Final</hibernate.version>
+        <hibernate.version>5.3.38.Final</hibernate.version>
         <mysql-connector-java.version>5.1.40</mysql-connector-java.version>
         <tomcat-dbcp.version>7.0.73</tomcat-dbcp.version>
         <derby.version>10.13.1.1</derby.version>