Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Duplicate
-
9.0, 8.11.2, main (10.0)
-
None
-
None
-
None
Description
There are CVEs associated with the com.fasterxml.woodstox:woodstox-core dependency. The current version of this dependency in Solr is 6.2.8 and the vulnerabilities are fixed in 6.4.0.
All the CVEs related to woodstox-core version 6.2.8:
Attachments
Issue Links
- duplicates
-
SOLR-16568 Update woodstox-core to 6.4.0 to mitigate CVE-2022-40152
-
- Closed
-