[SLING-12492] Apache Sling Scripting JavaScript 3.1.4 is affected by vulnerabilities CVE-2022-32549 and CVE-2021-29425. - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Resolved
Priority: Minor
Resolution: Fixed
Affects Version/s: Scripting JavaScript 3.1.4
Fix Version/s: Scripting JavaScript 3.1.6
Component/s: Scripting
Labels:
None

Description

The MVN Repository reports that the latest release, Apache Sling Scripting JavaScript 3.1.4, is affected by vulnerabilities CVE-2022-32549 and CVE-2021-29425 due to outdated dependencies. For more details, visit MVN Repository.

Attachments

Issue Links

links to

GitHub Pull Request #3

GitHub Pull Request #6

GitHub Pull Request #16

Activity

People

Assignee:: Eric Norman

Reporter:: Scott Yuan

Votes:: 0 Vote for this issue

Watchers:: 4 Start watching this issue

Dates

Created:: 15/Nov/24 17:42

Updated:: 18/Dec/24 22:49

Resolved:: 18/Dec/24 22:49