[Snyk] Upgrade commons-codec:commons-codec from 1.9 to 1.15

[nirw]

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade commons-codec:commons-codec from 1.9 to 1.15.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

---

• The recommended version is 6 versions ahead of your current version.
• The recommended version was released 3 years ago, on 2020-08-28.

The recommended version fixes:

Severity	Issue	PriorityScore (*)	Exploit Maturity
	Information Exposure SNYK-JAVA-COMMONSCODEC-561518	399/1000 Why? Has a fix available, CVSS 3.7	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

[nirw]

Checkmarx One – Scan Summary & Details – 560409cf-d8e5-4cbf-8476-5feabcaab2c1

New Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: 39	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/ApacheXmlRpc.java: 30	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/ApacheXmlRpc.java: 28	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: 45	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/juliet/IO.java: 51	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: 67	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: 33	Attack Vector
	Use_of_Non_Cryptographic_Random	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/InsecureRandom.java: 15	Attack Vector

Fixed Issues

Severity	Issue	Source File / Package	Checkmarx Insight
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	Command_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/command/CommandInjection.java: 16	Attack Vector
	LDAP_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/ldap/JndiLdapSpecial.java: 8	Attack Vector
	Reflected_XSS_All_Clients	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/xss/servlets/XssServlet3.java: 18	Attack Vector
	Reflected_XSS_All_Clients	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/cookie/UrlRewriting.java: 13	Attack Vector
	SQL_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/taint/JaxRsAnnotatedController.java: 23	Attack Vector
	Second_Order_SQL_Injection	/vendor/vems-master/servlet/FileUploadServlet.java: 96	Attack Vector
	XPath_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavax.java: 10	Attack Vector
	XPath_Injection	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathJavax.java: 10	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Absolute_Path_Traversal	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/pathtraversal/PathTraversal.java: 15	Attack Vector
	Unchecked_Input_for_Loop_Condition	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/xpath/XPathApacheXPathApi.java: 12	Attack Vector
	Log_Forging	/vendor/find-sec-bugs-master/findsecbugs-samples-java/src/test/java/testcode/struts1/StrutsV1Action.java: 22	Attack Vector