commons-beanutils 1.7.0 contains a vulnerability which may allow a user to execute arbitrary code. (CVE-2014-0114). Regardless if DynamicJasper's usage of beanutils is vulnerable there seems to be no reason to continue using the outdated dependency. Everything compiles and passes unit tests with the updated dependency.
commons-beanutils 1.7.0 contains a vulnerability which may allow a user to execute arbitrary code. (CVE-2014-0114). Regardless if DynamicJasper's usage of beanutils is vulnerable there seems to be no reason to continue using the outdated dependency. Everything compiles and passes unit tests with the updated dependency.