Frans Flippo updated an issue

Hibernate ORM / HHH-14018 Upgrade to dom4j 2.1.3 for CVE-2020-10683 Change By: Frans Flippo h2. Overview the transitive dependency dom4j 1 2 . 6. 1 has a CVE, which . is used by a dependency of hibernate core and has a CVE (see [ http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- 2020-10683)|http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE- 2018-1000632) ] . This version is  outdated. Hibernate core shoould should upgrade to version 2. x 1 . x 3 or later . org.dom4j h2. Detail Related to the forum https://discourse.hibernate.org/t/dom4j-raise-up-a-cve/1362. Add Comment

Get Jira notifications on your phone! Download the Jira Cloud app for Android or iOS This message was sent by Atlassian Jira (v1001.0.0-SNAPSHOT#100126-sha1:dd08494)