[Snyk] Fix for 1 vulnerabilities

[nithishayadav]

Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• 1.x/spring-boot-mybatis-annotation/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Incorrect Authorization SNYK-JAVA-ORGSPRINGFRAMEWORK-12817817	635	org.mybatis.spring.boot:mybatis-spring-boot-starter: 1.1.1 -> 1.2.0 Major version upgrade No Path Found No Known Exploit

Vulnerabilities that could not be fixed

• Upgrade:
  • Could not upgrade org.springframework.boot:spring-boot-starter@1.4.1.RELEASE to org.springframework.boot:spring-boot-starter@3.4.10; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/1.4.1.RELEASE/spring-boot-dependencies-1.4.1.RELEASE.pom
• Could not upgrade org.springframework.boot:spring-boot-starter-web@1.4.1.RELEASE to org.springframework.boot:spring-boot-starter-web@3.4.10; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/1.4.1.RELEASE/spring-boot-dependencies-1.4.1.RELEASE.pom

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Incorrect Authorization

[guardrails]

⚠️ We detected 8 security issues in this pull request:

Vulnerable Libraries (8)

Severity	Details
High	pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.8.3 (t) upgrade to: 2.9.10.8
Medium	pkg:maven/org.springframework/spring-expression@4.3.3.RELEASE (t) upgrade to: 5.3.17,5.2.20.RELEASE
Medium	pkg:maven/org.springframework/spring-core@4.3.3.RELEASE (t) upgrade to: 5.0.7,4.3.18
Critical	pkg:maven/org.springframework/spring-webmvc@4.3.3.RELEASE (t) upgrade to: 5.3.18,2.6.6,5.2.20.RELEASE,2.5.12
Critical	pkg:maven/org.springframework/spring-web@4.3.3.RELEASE (t) upgrade to: 6.0.0
Critical	pkg:maven/org.springframework/spring-beans@4.3.3.RELEASE (t) upgrade to: 2.6.6,5.3.18,2.5.12,5.2.20.RELEASE
High	pkg:maven/ch.qos.logback/logback-classic@1.1.7 (t) upgrade to: 1.4.12,1.2.13,1.3.12
Medium	pkg:maven/ch.qos.logback/logback-core@1.1.7 (t) upgrade to: 1.2.9

More info on how to fix Vulnerable Libraries in Java.

---

👉 Go to the dashboard for detailed results.

📥 Happy? Share your feedback with us.