[jira] [Created] (SLING-9928) Sling el-api embeds vulnerable version of el-api

Akanksha Jain (Jira) Mon, 23 Nov 2020 22:15:06 -0800

Akanksha Jain created SLING-9928:
------------------------------------

             Summary: Sling el-api embeds vulnerable version of el-api
                 Key: SLING-9928
                 URL: https://issues.apache.org/jira/browse/SLING-9928
             Project: Sling
          Issue Type: Bug
          Components: Scripting
            Reporter: Akanksha Jain



*Issue summary :* Security issues reported under org.apache.tomcat

*Vulnerabilities*

CVE-2014-7810 5.0 org.apache.tomcat : el-api : 6.0.14
[https://nvd.nist.gov/vuln/detail/CVE-2014-7810]

el-api-6.0.14 is embedded by org.apache.sling.scripting.el-api.

Expected: Need to update el-api version in org.apache.sling.scripting.el-api.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (SLING-9928) Sling el-api embeds vulnerable version of el-api

Reply via email to