We have an internal product that we use that includes the commons-validator package from the central Maven repository and when running a third-party library scanner (Black Duck) on the jar file it flagged commons-beanutils and commons-collections as having security vulnerabilities. I was wondering if there were plans in the near future to release a new version of commons-validator that had the latest version of compile dependencies for commons-beanutils, commons-collections and commons-digester?
- [VALIDATOR] Update of packages used by Validator? Jon Champlin
- Re: [VALIDATOR] Update of packages used by Validator? Gary Gregory
- Re: [VALIDATOR] Update of packages used by Validator... Rob Tompkins
- Re: [VALIDATOR] Update of packages used by Valid... Gary Gregory
- Re: [VALIDATOR] Update of packages used by V... Rob Tompkins