Hello everyone, The soon to be released axis2 version 1.8.0 depends on xmlbeans 2.6.0 which is exposed to CVE-2021-23926, which is ranked by NIST as 9.1 critical. Can't we move to version 3.0.1? I tried that and it all built ok. I also tried version 4.0.0 but that had problems due to API changes. I think 3.0.1 should be safe, hopefully.
-- Regards, Andrew Marlow http://www.andrewpetermarlow.co.uk
