Uploaded image for project: 'JS - JobScheduler'
  1. JS - JobScheduler
  2. JS-1888

Update dom4j 1.6.1 to 2.1.3 due to 3rd party vulnerability issues CVE-2020-10683, CVE-2018-1000632

    XMLWordPrintable

    Details

    • Type: Fix
    • Status: Released (View Workflow)
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 1.12.14, 1.13.5
    • Component/s: None
    • Labels:
      None
    • CVE-ID:
      CVE-2020-10683, CVE-2018-1000632

      Description

      Current Situation

      Desired Behavior

      • Due to a vulnerability Issue of older dom4j releases the JobScheduler components should use the current version 2.1.3 that fixes the issues.

        Attachments

          Activity

            People

            • Assignee:
              sp Santiago Aucejo Petzoldt
              Reporter:
              ap Andreas Püschel
              Approver:
              Oliver Haufe
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: