chore: update versions.json in 23.3 with latest WC

[github-actions[bot]]

Dependencies Report

• 🟠 Known Vulnerabilities:

  • Vulnerabilities in: pkg:npm/railroad-diagrams@1.0.0 [CVE-2024-26467] (oss-bomber) 👌 This is coming from the tools, @cyclonedx/cyclonedx-npm, we have used for sbom module, FP for us. ·
    • Vulnerabilities in: pkg:maven/com.fasterxml.jackson.core/jackson-databind@2.14.2 [CVE-2023-35116] (owasp) 👌 based on the issue this is not a CVE https://github.com/FasterXML/jackson-databind/issues/3972 · cpe:2.3:a:fasterxml:jackson-databind::::::::
    • Vulnerabilities in: pkg:maven/com.vaadin/vaadin-core@23.3-SNAPSHOT [CVE-2023-25499, CVE-2023-25500] (owasp) 👌 faulty report as the cve contains the prerelease versions · cpe:2.3:a:vaadin:vaadin:::::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha1:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha2:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha3:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha4:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha5:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:alpha6:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:beta1:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:beta2:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:beta3:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:rc1:::::: · cpe:2.3:a:vaadin:vaadin:24.1.0:rc2::::::

• 🚫 Vulnerabilities:

  • Vulnerabilities in: pkg:maven/org.apache.commons/commons-compress@1.24.0 [CVE-2024-26308, CVE-2024-25710] (osv-bomber,osv-scan,owasp) · cpe:2.3:a:apache:commons_compress::::::::
    • Vulnerabilities in: pkg:maven/org.apache.tomcat.embed/tomcat-embed-core@9.0.83 [BIT-tomcat-2024-24549,CVE-2024-24549, BIT-tomcat-2024-24549, CVE-2024-24549] (osv-bomber,osv-scan) ·
    • Vulnerabilities in: pkg:maven/org.apache.tomcat.embed/tomcat-embed-websocket@9.0.83 [BIT-tomcat-2024-23672,CVE-2024-23672, BIT-tomcat-2024-23672, CVE-2024-23672] (osv-bomber,osv-scan) ·
    • Vulnerabilities in: pkg:maven/org.springframework/spring-web@5.3.31 [CVE-2016-1000027, CVE-2024-22243, CVE-2024-22259, CVE-2024-22262] (osv-bomber,osv-scan,owasp) 👌 as the faulty code has been deprecated in spring framework 5.3.x, Vaadin 23.3 project is NOT affected. · cpe:2.3:a:vmware:spring_framework:::::::: · cpe:2.3:a:org.springframework:spring-web:5.3.31:::::::* ·
    • Vulnerabilities in: pkg:npm/vite@3.2.8#packages/vite [CVE-2024-31207] (osv-bomber) ·
    • Vulnerabilities in: pkg:npm/ejs@3.1.10 [CVE-2023-29827] (oss-bomber) ·
    • Vulnerabilities in: pkg:maven/org.apache.tomcat/tomcat-coyote@9.0.83 [BIT-tomcat-2024-24549, CVE-2024-24549] (osv-scan) ·
    • Vulnerabilities in: pkg:maven/org.apache.tomcat/tomcat-websocket@9.0.83 [BIT-tomcat-2024-23672, CVE-2024-23672] (osv-scan) ·
    • Vulnerabilities in: pkg:npm/vite@3.2.8 [CVE-2024-31207] (osv-scan) ·

• 📔 No License Issues

[Click for more Details]