pentaho / pentaho-reporting

Java class library for generating reports.

Apache Poi Vulnerability #1549

Open MarijanaTR opened 1 year ago

MarijanaTR commented 1 year ago

Apache POI library has 4 direct known high vulnerabilities. Can the version be updated to at least 3.17 or higher?

lucboudreau commented 1 year ago

@MarijanaTR - Apache POI was upgraded to version 4.1.1 more than 2 years ago. Can you give us more details on where you are seeing a 3.X version?

https://github.com/pentaho/pentaho-reporting/blame/b74afabb970d933f4d4b8dd8094d60087b436443/pom.xml#L45
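A quick way to settle the question raised above (which POI version a build actually declares) is to read the dependency out of the pom.xml rather than trusting a scanner summary. The script below is an added example, not code from pentaho-reporting; the embedded pom fragment is constructed for illustration and does not reproduce the project's real pom.xml. It resolves `${property}` indirection (the usual reason a scanner and a human disagree about a version), collects every `org.apache.poi` artifact, and flags those older than a chosen floor using numeric rather than string comparison, so that 4.1.1 is correctly seen as newer than 3.17.

```python
import re
import xml.etree.ElementTree as ET

# Constructed sample pom.xml (NOT the project's real file): one POI artifact
# is pinned through a property, the other directly, to show both paths.
SAMPLE_POM = """<?xml version="1.0" encoding="UTF-8"?>
<project xmlns="http://maven.apache.org/POM/4.0.0">
  <modelVersion>4.0.0</modelVersion>
  <groupId>example</groupId>
  <artifactId>report-build</artifactId>
  <version>1.0</version>
  <properties>
    <poi.version>3.17</poi.version>
  </properties>
  <dependencies>
    <dependency>
      <groupId>org.apache.poi</groupId>
      <artifactId>poi</artifactId>
      <version>${poi.version}</version>
    </dependency>
    <dependency>
      <groupId>org.apache.poi</groupId>
      <artifactId>poi-ooxml</artifactId>
      <version>4.1.1</version>
    </dependency>
  </dependencies>
</project>
"""

NS = {"m": "http://maven.apache.org/POM/4.0.0"}
PROP_RE = re.compile(r"\$\{([^}]+)\}")


def parse_version(v):
    """Turn '5.2.5' into (5, 2, 5) so versions compare numerically, not lexically."""
    parts = []
    for piece in v.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts)


def resolve(value, props):
    """Expand ${name} references using the pom's <properties> (one level, unknown names kept)."""
    return PROP_RE.sub(lambda m: props.get(m.group(1), m.group(0)), value)


def declared_versions(pom_text, group_id="org.apache.poi"):
    """Return {artifactId: resolved version} for every dependency of group_id."""
    root = ET.fromstring(pom_text)
    props = {}
    props_el = root.find("m:properties", NS)
    if props_el is not None:
        for child in props_el:
            name = child.tag.split("}")[-1]  # strip the XML namespace
            props[name] = (child.text or "").strip()
    pv = root.find("m:version", NS)
    if pv is not None:
        props["project.version"] = (pv.text or "").strip()  # common implicit property
    found = {}
    for dep in root.iterfind(".//m:dependency", NS):
        if dep.findtext("m:groupId", default="", namespaces=NS).strip() != group_id:
            continue
        artifact = dep.findtext("m:artifactId", default="", namespaces=NS).strip()
        version = dep.findtext("m:version", default="", namespaces=NS).strip()
        found[artifact] = resolve(version, props)
    return found


def below_minimum(versions, minimum):
    """Return only the artifacts whose resolved version is older than `minimum`."""
    floor = parse_version(minimum)
    return {a: v for a, v in versions.items() if parse_version(v) < floor}


if __name__ == "__main__":
    versions = declared_versions(SAMPLE_POM)
    print("declared:", versions)
    print("older than 4.1.1:", below_minimum(versions, "4.1.1"))
```

Pointing `declared_versions` at a real pom.xml only answers what that module declares; a transitive dependency pulled in by another artifact can still carry an older POI, so the declared-version check is the first step and the resolved dependency tree is the second.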

smmribeiro commented 1 year ago

@MarijanaTR and @lucboudreau: Apache POI was upgraded to 3.17 with pentaho-reporting#1108 and this was for 8.1 GA... We're using 4.1.1 since 9.2 GA.

tiago-s-vieira-alb commented 10 months ago

Hi, I think @MarijanaTR wanted to say POI 5.17 at least. Can you upgrade to the last POI version? (25 November 2023 - POI 5.2.5 available)