From 87773e8de5347c2fd05be3e60e0ede985547c78c Mon Sep 17 00:00:00 2001
From: Valera V Harseko <vharseko@3a-systems.ru>
Date: Mon, 24 Jun 2024 11:08:59 +0300
Subject: [PATCH] CVE-2020-13936 Sandbox Bypass in Apache Velocity Engine

---
 OpenICF-maven-plugin/pom.xml | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/OpenICF-maven-plugin/pom.xml b/OpenICF-maven-plugin/pom.xml
index d5ada996..e476f21a 100644
--- a/OpenICF-maven-plugin/pom.xml
+++ b/OpenICF-maven-plugin/pom.xml
@@ -179,8 +179,8 @@
         <!-- other -->
         <dependency>
             <groupId>org.apache.velocity</groupId>
-            <artifactId>velocity</artifactId>
-            <version>1.7</version>
+            <artifactId>velocity-engine-core</artifactId>
+            <version>2.3</version>
         </dependency>
 
         <dependency>