docjure icon indicating copy to clipboard operation
docjure copied to clipboard
verified publisher icon mjul

CVE-2022-26336: org.apache.poi/poi "4.1.1"

Open anttu opened this issue 4 years ago • 1 comments

Hi, lein nvd check complains of an existing vulnerability in poi-4.1.1.jar (CVE-2022-26336). The issue has been fixed in poi version 5.2.1, would it be possible to bump the version?

anttu avatar Mar 25 '22 10:03 anttu

This issue has been addressed by https://github.com/mjul/docjure/commit/5917daf137e172a90d1ed015aaea7627b4ccade4, so I think it can be closed @anttu .

(@mjul Now that it's been fixed, do you think we could have a new release please? 🙂)

PavlosMelissinos avatar Aug 12 '22 15:08 PavlosMelissinos

Excellent, I have published a version 1.18.0.

mjul avatar Aug 19 '22 10:08 mjul