docjure icon indicating copy to clipboard operation
docjure copied to clipboard
verified publisher icon mjul

Upgrade Apache POI to mitigate CVE-2025-31672

Open nnichols opened this issue 1 year ago • 0 comments

Apache POI has a known vulnerability at the current version which can be resolved by upgrading to > 5.4.1

lein nvd also reports the vulnerability, and I was able to successfully execute tests with the all profile.

CVE Finding: https://www.cve.org/CVERecord?id=CVE-2025-31672 Snyk Report: https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEPOI-9685010 Related Issue: https://github.com/mjul/docjure/issues/118

Please let me know if there's anything else you need!

nnichols avatar Apr 17 '25 20:04 nnichols