From a951772e46d5a57fbc82aa335678349190a240ba Mon Sep 17 00:00:00 2001
From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
Date: Fri, 19 Dec 2025 22:35:16 +0000
Subject: [PATCH] Bump org.apache.logging.log4j:log4j-core

Bumps the maven group with 1 update in the /tests/org.palladiosimulator.retriever.vulnerability.test/res/vulnerable_project directory: org.apache.logging.log4j:log4j-core.


Updates `org.apache.logging.log4j:log4j-core` from 2.14.0 to 2.25.3

---
updated-dependencies:
- dependency-name: org.apache.logging.log4j:log4j-core
  dependency-version: 2.25.3
  dependency-type: direct:production
  dependency-group: maven
...

Signed-off-by: dependabot[bot] <support@github.com>
---
 .../res/vulnerable_project/pom.xml                              | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/org.palladiosimulator.retriever.vulnerability.test/res/vulnerable_project/pom.xml b/tests/org.palladiosimulator.retriever.vulnerability.test/res/vulnerable_project/pom.xml
index 81775ae..38bbeca 100644
--- a/tests/org.palladiosimulator.retriever.vulnerability.test/res/vulnerable_project/pom.xml
+++ b/tests/org.palladiosimulator.retriever.vulnerability.test/res/vulnerable_project/pom.xml
@@ -11,7 +11,7 @@
 		<dependency>
 			<groupId>org.apache.logging.log4j</groupId>
 			<artifactId>log4j-core</artifactId>
-			<version>2.14.0</version>
+			<version>2.25.3</version>
 		</dependency>
 	</dependencies>
 </project>
\ No newline at end of file