Uploaded image for project: 'CXF'
  1. CXF
  2. CXF-8777

cxf-codegen-plugin : 3.5.4 : commons-text :1.9

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.5.4
    • 3.4.10, 3.5.5
    • Build system
    • None

    Description

      project uses Commons-text package indirectly as shown in below hierarchy with latest versions.

      org.apache.cxf :cxf-codegen-plugin : 3.5.4 (latest)

                                      |

      org.apache.cxf : cxf-tools-wsdlto-frontend-jaxws:3.54 (latest)

                                      |

      org.apache.cxf: commons-text : 1.9 (removed from maven repo)

       

      Issue is, exclude of 1.9 does not work as artifact itself does not exist. Since all older version jar files (till 1.9) are removed for commons-text, Exclude dependency option for 1.9 is not working. It is trying to pull 1.9 first before exclude.

      Could you please help on the  above

      Attachments

        Issue Links

          duplicates

          Bug - A problem which impairs or prevents the functions of the product. CXF-8778 Upgrade commons-text to address CVE-2022-42889

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              coheigea Colm O hEigeartaigh
              srinivas.34 srinivasarao sanneboyina
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: