Update pom.xml

Author: ankitha39

pom.xml

@@ -1,9 +1,43 @@
-# INTENTIONALLY VULNERABLE PYTHON PACKAGES
-Django==2.2.0
-requests==2.20.0
-urllib3==1.24.0
-Pillow==6.0.0
-cryptography==2.8
-PyYAML==5.1
-Jinja2==2.10.0
-Flask==1.0.0
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+         xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 
+         http://maven.apache.org/xsd/maven-4.0.0.xsd">
+    <modelVersion>4.0.0</modelVersion>
+
+    <groupId>com.example</groupId>
+    <artifactId>vulnerability-test</artifactId>
+    <version>1.0.0</version>
+
+    <dependencies>
+        <!-- INTENTIONALLY VULNERABLE JAVA PACKAGES -->
+        
+        <!-- 1. Log4j - CRITICAL CVE -->
+        <dependency>
+            <groupId>org.apache.logging.log4j</groupId>
+            <artifactId>log4j-core</artifactId>
+            <version>2.14.0</version>
+        </dependency>
+        
+        <!-- 2. Spring Framework - OLD VERSION -->
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-core</artifactId>
+            <version>5.2.0.RELEASE</version>
+        </dependency>
+        
+        <!-- 3. Jackson Databind - OLD VERSION -->
+        <dependency>
+            <groupId>com.fasterxml.jackson.core</groupId>
+            <artifactId>jackson-databind</artifactId>
+            <version>2.9.0</version>
+        </dependency>
+        
+        <!-- 4. Apache Commons Collections - OLD VERSION -->
+        <dependency>
+            <groupId>org.apache.commons</groupId>
+            <artifactId>commons-collections4</artifactId>
+            <version>4.0</version>
+        </dependency>
+    </dependencies>
+</project>