thymeleaf 2.1.5 import ognl 3.0.8 which is vulnerable to DOS attacks

groupe-sii / ogham

Sending email, sms or whatever is a piece of cake

https://groupe-sii.github.io/ogham/

Apache License 2.0

21 stars 15 forks source link

Closed kadary closed 5 years ago

kadary commented 5 years ago

OGNL (3.0.8) includes in ogham 2.0.0 is vulnerable to DOS attack: https://app.snyk.io/vuln/SNYK-JAVA-OGNL-30474

kadary commented 5 years ago

Fix by 36118d586