[Bug]: Extra security vulnerabilities are found by Security-Scanner after 09/02/2026

[kagw95]

Describe the bug

After the previous issue was fixed, Security-Scanner workflow found extra vulnerabilities.
See attached scanner reports for details.

To Reproduce

Invoke Security-Scanner workflow manually, from Actions tab of GitHub repository.

Version

No response

Logs

grype-qubership_testing_platform_environments.sarif.zip
grype-qubership_testing_platform_environments.xlsx
trivy-qubership_testing_platform_environments.sarif.zip
trivy-qubership_testing_platform_environments.xlsx

Additional information

No response

[kagw95]

Build for internal rebuild and QA-testing:

• Version: 1.5.103-SNAPSHOT
• ghcr.io/netcracker/qubership-testing-platform-environments-transfer:main-20260227065014

Fixed security vulnerabilities are highlighted in above attached Excel files.

[kagw95]

The project is upgraded to Spring Boot 3.5.12.
Links/Versions for internal testing:

• ghcr.io/netcracker/qubership-testing-platform-environments:feature-springboot-upgrade-3-5-12-20260428075325
• ghcr.io/netcracker/qubership-testing-platform-environments-transfer:feature-springboot-upgrade-3-5-12-20260428075326
• Version: 2.0.1-SNAPSHOT

Branch link:

• https://github.com/Netcracker/qubership-testing-platform-environments/tree/feature/springboot-upgrade-3-5-12

Successful workflow links:

• Build: https://github.com/Netcracker/qubership-testing-platform-environments/actions/runs/25040561924/job/73343362556
• Maven Deploy Snapshot with Clean Install: https://github.com/Netcracker/qubership-testing-platform-environments/actions/runs/24963433280
• Security Scanner: https://github.com/Netcracker/qubership-testing-platform-environments/actions/runs/24963446530

Excel files with Security-Scanner results attached:

grype-qubership_testing_platform_environments_feature_springboot_upgrade_3_5_12_20260426070640.xlsx
trivy-qubership_testing_platform_environments_feature_springboot_upgrade_3_5_12_20260426070640.xlsx