Bump commons-beanutils:commons-beanutils from 1.9.4 to 1.11.0 (#881)

dependabot[bot] · web-flow · commit 7067804af1ce · 2025-05-29T10:35:16.000-04:00
Bumps commons-beanutils:commons-beanutils from 1.9.4 to 1.11.0.

---
updated-dependencies:
- dependency-name: commons-beanutils:commons-beanutils
  dependency-version: 1.11.0
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] &lt;support@github.com&gt;
Co-authored-by: dependabot[bot] &lt;49699333+dependabot[bot]@users.noreply.github.com&gt;
diff --git a/pom.xml b/pom.xml
@@ -185,8 +185,8 @@
         <dependency>
             <groupId>commons-beanutils</groupId>
             <artifactId>commons-beanutils</artifactId>
-            <!-- We need to use 1.9.4 (or later) here to address CVE-2014-0114 and CVE-2019-10086. -->
-            <version>1.9.4</version>
+            <!-- We need to use 1.11.0 (or later) here to address CVE-2014-0114 and CVE-2019-10086. -->
+            <version>1.11.0</version>
             <!-- NOTE: commons-beanutils uses commons-collections 3.2.2. We use
                  commons-collections 4.2. Package names are different so this shouldn't
                  cause any problems as long as 3.x doesn't have any CVEs. May have to
