[jira] [Created] (FREEMARKER-190) The jar dom4j has known security issue that Freemarker compiles dependend on it

PowerCOM_STARWAR (Jira) Mon, 06 Sep 2021 20:43:05 -0700

PowerCOM_STARWAR created FREEMARKER-190:
-------------------------------------------


             Summary: The  jar dom4j has known security issue that Freemarker 
compiles dependend on it
                 Key: FREEMARKER-190
                 URL: https://issues.apache.org/jira/browse/FREEMARKER-190
             Project: Apache Freemarker
          Issue Type: Wish
          Components: engine
    Affects Versions: 2.3.31
            Reporter: PowerCOM_STARWAR


Hi, friend. When i compile the Freemarker, i find it depends on the jar dom4j 
,and its version is 1.3. From the Internet, this version 1.3 of dom4j has 
security issues, so please upgrade to the safety version.Thanks.

The security issue number CVE-2020-10683 and link: 
[https://nvd.nist.gov/vuln/detail/CVE-2020-10683]

The Security issue number CVE-2018-1000632 and link: 
[https://nvd.nist.gov/vuln/detail/CVE-2018-1000632.]

 

 



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (FREEMARKER-190) The jar dom4j has known security issue that Freemarker compiles dependend on it

Reply via email to