Uploaded image for project: 'Sling'
  1. Sling
  2. SLING-9928

Sling el-api embeds vulnerable version of el-api

    XMLWordPrintableJSON

Details

    Description

      Issue summary : Security issues reported under org.apache.tomcat

      Vulnerabilities

      CVE-2014-7810 5.0 org.apache.tomcat : el-api : 6.0.14
      https://nvd.nist.gov/vuln/detail/CVE-2014-7810

      el-api-6.0.14 is embedded by org.apache.sling.scripting.el-api.

      Expected: Need to update el-api version in org.apache.sling.scripting.el-api.

      Attachments

        Activity

          People

            cziegeler Carsten Ziegeler
            akanksha88 Akanksha Jain
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 0.5h
                0.5h