[ https://issues.apache.org/jira/browse/TIKA-3492?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tim Allison resolved TIKA-3492. ------------------------------- Fix Version/s: 1.28 2.0.1 Resolution: Fixed > Upgrade version for TPS: rome to 1.16.0 in tika-bundle > ------------------------------------------------------ > > Key: TIKA-3492 > URL: https://issues.apache.org/jira/browse/TIKA-3492 > Project: Tika > Issue Type: Bug > Affects Versions: 1.27 > Reporter: Shubhangi Raut > Priority: Major > Labels: upgrade > Fix For: 2.0.1, 1.28 > > > tika-bundle-1.27 uses rome-1.15.0. > There is following vulnerability reported in rome-1.15.0 as per Sonatype Data > Research: > [sonatype-2021-0802|https://vw-pun-bpm-bl15.bmc.com:8070/ui/links/vln/sonatype-2021-0802] > : > [rome-1.16.0|https://mvnrepository.com/artifact/com.rometools/rome/1.16.0] is > non-vulnerable version. Please consider upgrading to it in the next release. -- This message was sent by Atlassian Jira (v8.3.4#803005)