From a54af69c5df136370225fc2f3d91645d034f7014 Mon Sep 17 00:00:00 2001
From: snyk-bot <snyk-bot@snyk.io>
Date: Mon, 2 Feb 2026 14:56:43 +0000
Subject: [PATCH] fix: log4shell-goof/log4shell-server/pom.xml to reduce
 vulnerabilities

The following vulnerabilities are fixed with an upgrade:
- https://dev.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-30078
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2320014
- https://dev.snyk.io/vuln/SNYK-JAVA-COMUNBOUNDID-32143
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2321524
- https://dev.snyk.io/vuln/SNYK-JAVA-ORGAPACHELOGGINGLOG4J-2327339
- https://dev.snyk.io/vuln/SNYK-JAVA-COMMONSCOLLECTIONS-472711
- https://dev.snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-2391283
- https://dev.snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-3012383
- https://dev.snyk.io/vuln/SNYK-JAVA-IOUNDERTOW-2871356
---
 log4shell-goof/log4shell-server/pom.xml | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/log4shell-goof/log4shell-server/pom.xml b/log4shell-goof/log4shell-server/pom.xml
index 94de0952b2..cc0176520e 100644
--- a/log4shell-goof/log4shell-server/pom.xml
+++ b/log4shell-goof/log4shell-server/pom.xml
@@ -20,22 +20,22 @@
     <dependency>
       <groupId>org.apache.logging.log4j</groupId>
       <artifactId>log4j-core</artifactId>
-      <version>2.15.0</version>
+      <version>2.17.1</version>
     </dependency>
     <dependency>
       <groupId>com.unboundid</groupId>
       <artifactId>unboundid-ldapsdk</artifactId>
-      <version>3.1.1</version>
+      <version>4.0.5</version>
     </dependency>
     <dependency>
       <groupId>io.undertow</groupId>
       <artifactId>undertow-core</artifactId>
-      <version>2.2.13.Final</version>
+      <version>2.3.0.Final</version>
     </dependency>
     <dependency>
       <groupId>commons-collections</groupId>
       <artifactId>commons-collections</artifactId>
-      <version>3.1</version>
+      <version>3.2.2</version>
     </dependency>
     <dependency>
       <groupId>org.apache.commons</groupId>