From 4695adaba9454917de503fcd2019417de6b4ef7a Mon Sep 17 00:00:00 2001
From: Xuecheng Shan <xuecheng.shan@xuechengdeMacBook-Pro.local>
Date: Wed, 10 Dec 2025 11:09:06 +0800
Subject: [PATCH] KE-45068 fix vulnerability

---
 pom.xml                                   |  7 ++++---
 resource-managers/kubernetes/core/pom.xml | 19 +++++++++++++++++++
 2 files changed, 23 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index e0971a738687d..27527a772f630 100644
--- a/pom.xml
+++ b/pom.xml
@@ -189,7 +189,7 @@
     <datanucleus-core.version>4.1.17</datanucleus-core.version>
     <guava.version>14.0.1</guava.version>
     <janino.version>3.1.6</janino.version>
-    <jersey.version>2.35</jersey.version>
+    <jersey.version>2.46</jersey.version>
     <joda.version>2.10.10</joda.version>
     <jodd.version>5.3.0</jodd.version>
     <jsr305.version>3.0.0</jsr305.version>
@@ -203,8 +203,8 @@
     <commons-cli.version>1.5.0</commons-cli.version>
     <bouncycastle.version>1.60</bouncycastle.version>
     <tink.version>1.6.1</tink.version>
-    <tomcat.version>9.0.108</tomcat.version>
-    <tomcat-embed-core.version>9.0.108</tomcat-embed-core.version>
+    <tomcat.version>9.0.109</tomcat.version>
+    <tomcat-embed-core.version>9.0.109</tomcat-embed-core.version>
     <netty.version>4.1.125.Final</netty.version>
     <netty-handler.version>4.1.125.Final</netty-handler.version>
     <stax2-api.version>4.2.1</stax2-api.version>
@@ -217,6 +217,7 @@
     <!-- org.fusesource.leveldbjni will be used except on arm64 platform. -->
     <leveldbjni.group>org.fusesource.leveldbjni</leveldbjni.group>
     <kubernetes-client.version>5.12.2</kubernetes-client.version>
+    <okhttp3.version>4.9.3</okhttp3.version>
 
     <test.java.home>${java.home}</test.java.home>
 
diff --git a/resource-managers/kubernetes/core/pom.xml b/resource-managers/kubernetes/core/pom.xml
index dca0c4562474e..34b64121e99fe 100644
--- a/resource-managers/kubernetes/core/pom.xml
+++ b/resource-managers/kubernetes/core/pom.xml
@@ -92,9 +92,28 @@
           <groupId>javax.annotation</groupId>
           <artifactId>javax.annotation-api</artifactId>
         </exclusion>
+        <exclusion>
+          <groupId>com.squareup.okhttp3</groupId>
+          <artifactId>logging-interceptor</artifactId>
+        </exclusion>
+        <exclusion>
+          <groupId>com.squareup.okhttp3</groupId>
+          <artifactId>okhttp</artifactId>
+        </exclusion>
       </exclusions>
     </dependency>
 
+    <dependency>
+      <groupId>com.squareup.okhttp3</groupId>
+      <artifactId>logging-interceptor</artifactId>
+      <version>${okhttp3.version}</version>
+    </dependency>
+    <dependency>
+      <groupId>com.squareup.okhttp3</groupId>
+      <artifactId>okhttp</artifactId>
+      <version>${okhttp3.version}</version>
+    </dependency>
+
     <!-- Required by kubernetes-client but we exclude it -->
     <dependency>
       <groupId>com.fasterxml.jackson.dataformat</groupId>