[YADE-572] Update poi 3.10-FINAL to 3.17 due to 3rd party vulnerability issue CVE-2017-12626 - SOS JIRA

XML

Word

Printable

Details

Type: Fix
Status: Released (View Workflow)
Priority: Minor
Resolution: Fixed
Affects Version/s: 1.12.14, 1.13.8
Fix Version/s: 1.12.15, 1.13.9
Component/s: None
Labels:
None

CVE-ID:
CVE-2017-12626

Description

Current Situation

Currently JobScheduler components use poi version 3.10-FINAL
a vulnerability affect this version,
- see https://nvd.nist.gov/vuln/detail/CVE-2017-12626

Desired Behavior

Due to a vulnerability Issue of older poi releases the JobScheduler components should use the current version 3.17 that fixes the issues.

Attachments

Activity

People

Assignee:: Santiago Aucejo Petzoldt

Reporter:: Santiago Aucejo Petzoldt

Approver:: Divyani Rathore (Inactive)

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 15 January 2021 06:49

Updated:: 15 April 2021 22:20

Resolved:: 15 January 2021 07:24