Update ast-cli-java-wrapper to version 2.4.4-test-release

[ast-phoenix]

This PR updates the ast-cli-java-wrapper dependency in pom.xml to version 2.4.4-test-release.

[github-actions]

Checkmarx One – Scan Summary & Details – 34da9cd2-21bd-40b2-8a0c-5a5dd9e2d572

New Issues (13)

Checkmarx found the following issues in this Pull Request

Severity	Issue	Source File / Package	Checkmarx Insight
	CVE-2016-1000027	Maven-org.springframework:spring-web-5.3.34	details Recommended version: 5.3.36-wso2v1 Description: Pivotal Spring Framework (spring, spring-remoting, spring-web, spring-webmvc) versions prior to 6.0.0-M1, suffers from a potential remote code exec... Attack Vector: NETWORK Attack Complexity: LOW ID: TTjYYa2QWr6A4zYZ3f8zEJLFbRYNx3JD6w3oR6BHSKw%3D Vulnerable Package
	CVE-2025-22228	Maven-org.springframework.security:spring-security-crypto-5.8.11	details Recommended version: 5.8.16-atlassian-1-m01 Description: The Spring Security "BCryptPasswordEncoder.matches(CharSequence, String)" method may incorrectly return true for passwords longer than 72 character... Attack Vector: NETWORK Attack Complexity: HIGH ID: dUEGjYmq%2BaKmZsVmrEc0Pc0Y72wopWE3zUfFBa9M5ts%3D Vulnerable Package
	Cx78f40514-81ff	Maven-commons-collections:commons-collections-3.2.2	details Description: The framework Apache Commons Collections before 4.3 is vulnerable to Stack Overflow. The function `add()` in the file `list/SetUniqueList.java` thr... Attack Vector: NETWORK Attack Complexity: LOW ID: j7qQjEfvAn4hh%2Flf6%2BpcIRpkDqigEDmiMWF5oX3XZk8%3D Vulnerable Package
	CVE-2024-38809	Maven-org.springframework:spring-web-5.3.34	details Recommended version: 5.3.36-wso2v1 Description: The package "org.springframework:spring-web" versions through 5.3.37, 6.0.0-M1 through 6.0.22, and 6.1.0-M1 through 6.1.11 are vulnerable to Denial... Attack Vector: NETWORK Attack Complexity: LOW ID: cfvyjzvjr2uHwvM1AD4nuio6RZPpMfoesAUR04LDJMY%3D Vulnerable Package
	CVE-2024-38827	Maven-org.springframework.security:spring-security-core-5.8.11	details Recommended version: 5.8.16 Description: The usage of 'String.toLowerCase()' and 'String.toUpperCase()' has some Locale dependent exceptions that could potentially result in authorization ... Attack Vector: NETWORK Attack Complexity: LOW ID: DX6nr5eTJmBii27jnRSK9aXDIhgWExP6blPXkCoYWDw%3D Vulnerable Package
	CVE-2024-38827	Maven-org.springframework.security:spring-security-crypto-5.8.11	details Recommended version: 5.8.16-atlassian-1-m01 Description: The usage of 'String.toLowerCase()' and 'String.toUpperCase()' has some Locale dependent exceptions that could potentially result in authorization ... Attack Vector: NETWORK Attack Complexity: LOW ID: zqTrdr2atkj5i%2BKKoyyS0Dex6vBfE%2BGnSeh2DFlPw3k%3D Vulnerable Package
	CVE-2024-6763	Maven-org.eclipse.jetty:jetty-server-10.0.22	details Recommended version: 10.0.25 Description: Eclipse Jetty is a lightweight, highly scalable, Java-based web server and Servlet engine. It includes a utility class, 'HttpURI', for URI/URL pars... Attack Vector: NETWORK Attack Complexity: LOW ID: fnijpnzOaItSTKaxVyEIwAa%2BFAv8LJd3C0JOv%2BfgAsE%3D Vulnerable Package
	CVE-2024-8184	Maven-org.eclipse.jetty:jetty-server-10.0.22	details Recommended version: 10.0.25 Description: There exists a security vulnerability in Jetty's "ThreadLimitHandler.getRemote()" which can be exploited by unauthorized users to cause a remote De... Attack Vector: NETWORK Attack Complexity: LOW ID: XDQjCAJDmxnlxbadxp8Aphk5jSCJF85JetYHw0pHNz0%3D Vulnerable Package
	CVE-2025-48924	Maven-org.apache.commons:commons-lang3-3.17.0	details Recommended version: 3.18.0 Description: Uncontrolled Recursion vulnerability in Apache Commons Lang. The methods `ClassUtils.getClass(...)` can `throwStackOverflowError` on very long inpu... Attack Vector: NETWORK Attack Complexity: LOW ID: BTe22nYUINn%2B7Y2fUwV4EN6Ou9N44g1AMpJCJZGFJKA%3D Vulnerable Package
	CVE-2025-48924	Maven-commons-lang:commons-lang-2.6	details Description: Uncontrolled Recursion vulnerability in Apache Commons Lang. The methods `ClassUtils.getClass(...)` can `throwStackOverflowError` on very long inpu... Attack Vector: NETWORK Attack Complexity: LOW ID: RsiRKXo4UkgxCtIBM2kM9%2BeLdjU4JHCFn9z08izX%2FuI%3D Vulnerable Package
	CVE-2025-53864	Maven-com.google.code.gson:gson-2.11.0	details Recommended version: 2.12.0 Description: Connect2id Nimbus JOSE + JWT allows a remote attacker to cause a Denial-of-Service (DoS) via a deeply nested JSON object supplied in a JWT claim se... Attack Vector: NETWORK Attack Complexity: LOW ID: LPrp5lT1RjwafMijF94XEf41RoSlQGyDygTXM9O4Mek%3D Vulnerable Package
	CVE-2024-38820	Maven-org.springframework:spring-core-5.3.34	details Recommended version: 5.3.36-wso2v1 Description: The fix for CVE-2022-22968 made "disallowedFields" patterns in "DataBinder" case-insensitive. However, using "String.toLowerCase()" introduces some... Attack Vector: NETWORK Attack Complexity: LOW ID: LzU7f3zGRp8u731VwuAk8RD17Cu0sy2p%2FmXSYS%2BXn8k%3D Vulnerable Package
	CVE-2024-38820	Maven-org.springframework:spring-web-5.3.34	details Recommended version: 5.3.36-wso2v1 Description: The fix for CVE-2022-22968 made "disallowedFields" patterns in "DataBinder" case-insensitive. However, using "String.toLowerCase()" introduces some... Attack Vector: NETWORK Attack Complexity: LOW ID: ZcA9VXKIJyKnXNtb5mboO2NzX6FlyJmOaMdHK4iqzGA%3D Vulnerable Package