Uploaded image for project: 'Felix'
  1. Felix
  2. FELIX-6721

CVE-2021-33813: Upgrade jdom to the latest version in maven-bundle-plugin

    XMLWordPrintableJSON

Details

    Description

      There is a HIGH CVE https://nvd.nist.gov/vuln/detail/CVE-2021-33813 detected in the maven-bundle-plugin.

      https://github.com/apache/felix-dev/blob/master/tools/maven-bundle-plugin/pom.xml#L274
      <dependency>
      <groupId>org.jdom</groupId>
      <artifactId>jdom</artifactId>
      <version>1.1</version>
      </dependency>

      The latest jdom2/2.0.6.1 (https://search.maven.org/artifact/org.jdom/jdom2/2.0.6.1/jar) is the fix version for it.

      Attachments

        Activity

          People

            paulrutter Paul Rütter
            xldai Xilai Dai
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: