Open matrei opened 1 year ago
Newly created Grails apps have a runtimeOnly dependency on "org.glassfish.web:el-impl:2.2.1-b05".
It seems to be coming from the base profiles' features/hibernate5/features.yml file.
Is this dependency really used/needed. My apps seems to work properly when removing it. I'm asking as this dependency has a security warning associated with it (CVE-2021-28170).
Newly created Grails apps have a runtimeOnly dependency on "org.glassfish.web:el-impl:2.2.1-b05".
It seems to be coming from the base profiles' features/hibernate5/features.yml file.
Is this dependency really used/needed. My apps seems to work properly when removing it. I'm asking as this dependency has a security warning associated with it (CVE-2021-28170).