fix: vulnerabilities (#261)

* fix: upgrade tomcat-embed-core

* fix: vulnerability fixes

Author: sattvikc

CHANGELOG.md

@@ -9,7 +9,7 @@ to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
 
 ## [9.0.1]
 
-- Upgrades the embedded tomcat from 11.0.5 to 11.0.6 because of security vulnerabilities
+- Upgrades the embedded tomcat 11.0.6 and logback classic to 1.5.13 because of security vulnerabilities
 
 ## [9.0.0]
 

build.gradle

@@ -29,7 +29,7 @@ dependencies {
     compileOnly group: 'com.fasterxml.jackson.core', name: 'jackson-databind', version: '2.16.1'
 
     // https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
-    compileOnly group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
+    compileOnly group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.13'
 
     // https://mvnrepository.com/artifact/com.google.code.findbugs/jsr305
     compileOnly group: 'com.google.code.findbugs', name: 'jsr305', version: '3.0.2'
@@ -46,7 +46,7 @@ dependencies {
     testImplementation group: 'org.mockito', name: 'mockito-core', version: '3.1.0'
 
     // https://mvnrepository.com/artifact/ch.qos.logback/logback-classic
-    testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.4.14'
+    testImplementation group: 'ch.qos.logback', name: 'logback-classic', version: '1.5.13'
 
     // https://mvnrepository.com/artifact/com.google.code.gson/gson
     testImplementation group: 'com.google.code.gson', name: 'gson', version: '2.3.1'