Conversation

@cx-hitesh-madgulkar (Contributor)

Using older versions of:

  1. com.google.code.gson
  2. commons-lang3

@cx-ben-alvo (Collaborator)

Checkmarx One – Scan Summary & Details: 24762676-99e4-4054-a186-32c67260f028

New Issues (2)

Checkmarx found the following issues in this Pull Request

Severity: MEDIUM
Issue: CVE-2025-48924
Source File / Package: Maven-org.apache.commons:commons-lang3-3.14.0
Recommended version: 3.18.0
Description: Uncontrolled Recursion vulnerability in Apache Commons Lang. The methods `ClassUtils.getClass(...)` can throw `StackOverflowError` on very long inpu...
Attack Vector: NETWORK
Attack Complexity: LOW
Exploitable Path: getClass@...rx/ast/wrapper/Execution.java - ... - getClass@...commons/lang3/ClassUtils.java
ID: bWLs1umS2vA1CjwG8KVu7LTzN33ZnSleWxT6whNGngk%3D
Checkmarx Insight: Vulnerable Package

Severity: MEDIUM
Issue: CVE-2025-53864
Source File / Package: Maven-com.google.code.gson:gson-2.10.1
Recommended version: 2.12.0
Description: Connect2id Nimbus JOSE + JWT allows a remote attacker to cause a Denial-of-Service (DoS) via a deeply nested JSON object supplied in a JWT claim se...
Attack Vector: NETWORK
Attack Complexity: LOW
ID: RcOBvx28SsVINUU47j7ecbMJ1KfYkDCLzPqkn495sA8%3D
Checkmarx Insight: Vulnerable Package

Policy Management Violations (1)
Policy Name: Phoenix-Policy
The following violations of your team's AppSec policy rules were identified in this project. Since 'Break Build' is enabled for these rules, you must resolve these issues before the Pull Request can be merged.
  • Rule Name: New vulnerabilities of High, Medium and Low severity levels detected
    Scanner: SAST,SCA,IaC-Security
