Uses vulnerable component - Xalan-2.7.1 #134

Closed
codelion opened this Issue Jun 25, 2014 · 2 comments

Projects

None yet

2 participants

@codelion

Xalan-2.7.1 is vulnerable see below
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-0107

Upgrade to version 2.7.2 to avoid this vulnerability.

@rolfl
Collaborator
rolfl commented Jun 25, 2014

thanks for the head's up

@codelion

Np, btw you may find www.sourceclear.com useful to keep track of component security issues :)

@rolfl rolfl added the Target 2.0.x label Feb 13, 2015
@rolfl rolfl closed this in 9ef7362 Feb 15, 2015
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment