[Snyk] Fix for 5 vulnerabilities

[ThinuwanW]

Snyk has created this PR to fix 5 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• backend/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-IONETTY-11799531	721	software.amazon.awssdk:s3: 2.31.56 -> 2.32.26 No Known Exploit
	Integer Overflow or Wraparound SNYK-JAVA-ORGAPACHETOMCATEMBED-10674391	649	No Known Exploit
	Allocation of Resources Without Limits or Throttling SNYK-JAVA-ORGAPACHETOMCATEMBED-10676855	649	No Known Exploit
	Session Fixation SNYK-JAVA-ORGAPACHETOMCATEMBED-11798986	631	No Known Exploit
	HTTP Response Splitting SNYK-JAVA-ORGSPRINGFRAMEWORK-10345766	439	No Known Exploit

Vulnerabilities that could not be fixed

• Upgrade:
  • Could not upgrade org.springframework.boot:spring-boot-starter-security@3.4.4 to org.springframework.boot:spring-boot-starter-security@3.4.8; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.4.4/spring-boot-dependencies-3.4.4.pom
• Could not upgrade org.springframework.boot:spring-boot-starter-web@3.4.4 to org.springframework.boot:spring-boot-starter-web@3.4.8; Reason could not apply upgrade, dependency is managed externally ; Location: https://maven-central.storage-download.googleapis.com/maven2/org/springframework/boot/spring-boot-dependencies/3.4.4/spring-boot-dependencies-3.4.4.pom

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Allocation of Resources Without Limits or Throttling

[CLAassistant]

Thank you for your submission! We really appreciate it. Like many open source projects, we ask that you sign our Contributor License Agreement before we can accept your contribution.
_{You have signed the CLA already but the status is still pending? Let us recheck it.}

[Copilot]

Pull Request Overview

This Snyk-generated PR fixes 5 security vulnerabilities by upgrading Maven dependencies. The upgrade addresses high and medium severity vulnerabilities including resource allocation issues, integer overflow, session fixation, and HTTP response splitting.

• Updates AWS SDK S3 dependency to patch allocation of resources without limits vulnerability
• Addresses vulnerabilities that could not be automatically fixed due to externally managed Spring Boot dependencies

---

_{Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.}

[sonarqubecloud]

Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud