Upgrade xerces:xercesImpl to version 2.12.0 or higher to get rid of security vulnerability [CVE-2013-4002, CWE-94], [CVE-2017-10355, CWE-400] , [CVE-2012-0881, CWE-400], [CVE-2009-2625, CWE-400], [CVE-2020-14338, CWE-20]

OxalisCommunity / Oxalis-AS4

PEPPOL AS4 pMode plugin for Oxalis

32 stars 25 forks source link

Upgrade xerces:xercesImpl to version 2.12.0 or higher to get rid of security vulnerability [CVE-2013-4002, CWE-94], [CVE-2017-10355, CWE-400] , [CVE-2012-0881, CWE-400], [CVE-2009-2625, CWE-400], [CVE-2020-14338, CWE-20] #164

Closed aaron-kumar closed 1 year ago

aaron-kumar commented 3 years ago

SAST tool reported vulnerability for library : xerces:xercesImpl

network.oxalis:oxalis-as4@5.0.1 ----org.apache.neethi:neethi@3.1.1 ------- org.apache.ws.commons.axiom:axiom-api@1.2.14 ---------- jaxen:jaxen@1.1.4 ------------- xerces:xercesImpl@2.6.2

Library xerces:xercesImpl to version 2.12.0 or higher

aaron-kumar commented 1 year ago

Closing this as vulnerable functionality is Not directly used.