It's not a bug - that advisory was just raised against a sample that CXF ships with.
Colm. On Tue, Apr 18, 2017 at 4:51 PM, Dennis Kieselhorst <[email protected]> wrote: > Hi, > > OWASP dependency check still reports CVE-2012-5786 and it's not on the > list. Should we add it? > > Regards > Dennis > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
