Uploaded image for project: 'Maven Javadoc Plugin'
  1. Maven Javadoc Plugin
  2. MJAVADOC-545

Struts 1.3.8

    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 3.0.1
    • None
    • javadoc
    • None

    Description

      Our security audits have reported that this plugin has a dependency on Struts 1.3.8 which has several critical security flaws. Although this is a build-time only plugin, this still represents a security issue. That version of Struts is also EOL which is far from ideal. Is there any way to update?

      https://www.cvedetails.com/vulnerability-list/vendor_id-45/product_id-6117/version_id-164423/Apache-Struts-1.3.8.html

      Attachments

        Issue Links

          duplicates

          Dependency upgrade - Upgrading a dependency to a newer version MJAVADOC-638 upgrade Doxia Sitetools to 1.9.2 to remove dependency on Struts

          • Major - Major loss of function.
          • Closed

          Activity

            People

              rfscholte Robert Scholte
              chris.scott6435 Chris Scott
              Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: