[ https://issues.apache.org/jira/browse/SLING-9928?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Carsten Ziegeler reassigned SLING-9928: --------------------------------------- Assignee: Carsten Ziegeler > Sling el-api embeds vulnerable version of el-api > ------------------------------------------------ > > Key: SLING-9928 > URL: https://issues.apache.org/jira/browse/SLING-9928 > Project: Sling > Issue Type: Bug > Components: Scripting > Reporter: Akanksha Jain > Assignee: Carsten Ziegeler > Priority: Major > Fix For: Scripting EL API Wrapper 1.0.4 > > Time Spent: 0.5h > Remaining Estimate: 0h > > *Issue summary :* Security issues reported under org.apache.tomcat > *Vulnerabilities* > CVE-2014-7810 5.0 org.apache.tomcat : el-api : 6.0.14 > [https://nvd.nist.gov/vuln/detail/CVE-2014-7810] > el-api-6.0.14 is embedded by org.apache.sling.scripting.el-api. > Expected: Need to update el-api version in org.apache.sling.scripting.el-api. -- This message was sent by Atlassian Jira (v8.3.4#803005)