[Snyk] Security upgrade com.amazonaws:aws-java-sdk-core from 1.11.505 to 1.12.710

[juhisingh-qait]

User description

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

• Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
  • localstack/ext/java/pom.xml

Vulnerabilities that will be fixed

With an upgrade:

Severity	Priority Score (*)	Issue	Upgrade	Breaking Change	Exploit Maturity	Reachability
	40/1000 Why? Confidentiality impact: Low, Integrity impact: None, Availability impact: None, Scope: Unchanged, Exploit Maturity: No data, User Interaction (UI): None, Privileges Required (PR): None, Attack Complexity: High, Attack Vector: Network, EPSS: 0.01055, Social Trends: No, Days since published: 4437, Reachable: No, Transitive dependency: Yes, Is Malicious: No, Business Criticality: High, Provider Urgency: Low, Package Popularity Score: 99, Impact: 2.35, Likelihood: 1.69, Score Version: V5	Information Exposure SNYK-JAVA-COMMONSCODEC-561518	com.amazonaws:aws-java-sdk-core: 1.11.505 -> 1.12.710	No	No Known Exploit	No Path Found

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Learn about vulnerability in an interactive lesson of Snyk Learn.

---

Type

Enhancement

---

Description

• This PR updates the AWS Java SDK Core version in pom.xml to address security vulnerabilities.
• The upgrade from version 1.11.505 to 1.12.710 fixes specific security issues linked with the older version.

---

Changes walkthrough

	Relevant files
Dependencies	pom.xml Update AWS SDK Core Version to Mitigate Vulnerabilities    localstack/ext/java/pom.xml Updated the version of aws-java-sdk-core from 1.11.505 to 1.12.710. +1/-1

---

✨ PR-Agent usage:
Comment /help on the PR to get a list of all available PR-Agent tools and their descriptions

[codiumai-pr-agent-pro]

PR Description updated to latest commit (c51c49b)

• Copy walkthrough table to "Files Changed" Tab

[codiumai-pr-agent-pro]

PR Review

⏱️ Estimated effort to review [1-5]	1, because the PR involves a simple version update in a Maven dependency. This is a straightforward change with a clear purpose of upgrading to a secure version.
🧪 Relevant tests	No
🔍 Possible issues	No
🔒 Security concerns	No

---

✨ Review tool usage guide:

---

Overview:
The review tool scans the PR code changes, and generates a PR review which includes several types of feedbacks, such as possible PR issues, security threats and relevant test in the PR. More feedbacks can be added by configuring the tool.

The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on any PR.

• When commenting, to edit configurations related to the review tool (pr_reviewer section), use the following template:

/review --pr_reviewer.some_config1=... --pr_reviewer.some_config2=...

• With a configuration file, use the following template:

[pr_reviewer]
some_config1=...
some_config2=...

See the review usage page for a comprehensive guide on using this tool.

[codiumai-pr-agent-pro]

PR Code Suggestions

Category

Suggestions

Best practice

Verify and update other AWS SDK components to ensure compatibility with the new version of aws-java-sdk-core. To ensure compatibility and avoid potential issues with other dependencies that might rely on aws-java-sdk-core, it is recommended to verify if other AWS SDK components used in the project are compatible with version 1.12.710. If other components are used, their versions might also need to be updated to maintain compatibility. localstack/ext/java/pom.xml [108] <version>1.12.710</version> +<!-- Ensure compatibility with other AWS SDK components -->

---

✨ Improve tool usage guide:

---

Overview:
The improve tool scans the PR code changes, and automatically generates suggestions for improving the PR code. The tool can be triggered automatically every time a new PR is opened, or can be invoked manually by commenting on a PR.

• When commenting, to edit configurations related to the improve tool (pr_code_suggestions section), use the following template:

/improve --pr_code_suggestions.some_config1=... --pr_code_suggestions.some_config2=...

• With a configuration file, use the following template:

[pr_code_suggestions]
some_config1=...
some_config2=...

See the improve usage page for a comprehensive guide on using this tool.