Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Won't Fix
-
3.1.0
-
None
-
None
-
None
Description
Maven archetype currently uses dom4j 1.6.1 which is vulnerable to CVE-2018-1000632.
Upgrade to 2.1.1, which is the only released version of dom4j not vulnerable to CVE-2018-1000632.
Attachments
Issue Links
- links to