Hi Team, We are using "maven-antrun-plugin" that internally uses apache ant.
Recently high severity vulnerability (CVE-2020-11979<https://ant.apache.org/security.html>) is observed specific to apache ant This CVE is fixed on apache ant version Ant 1.10.9. Although latest maven-antrun-plugin (v3.0.0) is using older apache ant version (ie. Apache ant 1.9.14) that is impacted with this vulnerability. Kindly let us know the plan to take the latest ant version to fix this vulnerability. Thanks Ashish Verma