[KEIKAI-593] keikai-poi depends on several dependencies with known vulnerabilities - ZK-Tracker

XML

Word

Printable

Details

Type: Bug
Status: Closed
Priority: Normal
Resolution: Fixed
Affects Version/s: 5.9.0
Fix Version/s: 5.10.0
Component/s: None
Security Level: Jimmy
Labels:
None

Description

Steps to Reproduce

check its pom.xml

Current Result

https://mvnrepository.com/artifact/dom4j/dom4j 1.6.1
(latest version 2.1.3: https://mvnrepository.com/artifact/org.dom4j/dom4j)

https://mvnrepository.com/artifact/log4j/log4j 1.2.13
(latest version: 2.17.2 available under
https://mvnrepository.com/artifact/org.apache.logging.log4j/log4j-core)

https://mvnrepository.com/artifact/junit/junit 4.8.1
(even though it's optional it doesn't hurt to upgrade to 4.13.2)

Expected Result

upgrade to the higher compatible version

Attachments

Activity

People

Assignee:: jumperchen

Reporter:: hawk

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 15/Apr/22 8:08 AM

Updated:: 27/May/22 2:33 AM

Resolved:: 27/May/22 2:33 AM