Hi, Our team have encountered a few vulnerability issues pertaining to org.apache.xerces_2.9.0.v201101211617:
CVE-2022-23437<https://nvd.nist.gov/vuln/detail/CVE-2022-23437> CVE-2012-0881<https://nvd.nist.gov/vuln/detail/CVE-2012-0881> CVE-2009-2625<https://nvd.nist.gov/vuln/detail/CVE-2009-2625> We have Eclipse products that are both on Photon, which contains these vulnerability issues. https://archive.eclipse.org/webtools/downloads/drops/R3.10.0/R-3.10.0-20180611164516/repository Is there is possible to remediate these issues by updating Xerces2 to 2.12.2, which was first included in WTP R3.25.0? Thanks, Andrew Tram Advisory DevOps Engineer and Release Manager Dev & Pipeline - IBM Z [email protected]<mailto:[email protected]> Slack<https://ibm-systems-z.slack.com/team/W8FEYD6G1> | LinkedIn<http://www.linkedin.com/in/andrewtram91> IBM
_______________________________________________ wtp-dev mailing list [email protected] To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/wtp-dev
