Hi, Our team have encountered a few vulnerability issues pertaining to org.apache.xerces_2.9.0.v201101211617:
CVE-2022-23437<https://nvd.nist.gov/vuln/detail/CVE-2022-23437> CVE-2012-0881<https://nvd.nist.gov/vuln/detail/CVE-2012-0881> CVE-2009-2625<https://nvd.nist.gov/vuln/detail/CVE-2009-2625> We have Eclipse products that are both on Photon, which contains these vulnerability issues. https://archive.eclipse.org/webtools/downloads/drops/R3.10.0/R-3.10.0-20180611164516/repository Is there is possible to remediate these issues by updating Xerces2 to 2.12.2, which was first included in WTP R3.25.0? Thanks, Andrew Tram Advisory DevOps Engineer and Release Manager Dev & Pipeline - IBM Z andrew.t...@ibm.com<mailto:andrew.t...@ibm.com> Slack<https://ibm-systems-z.slack.com/team/W8FEYD6G1> | LinkedIn<http://www.linkedin.com/in/andrewtram91> IBM
_______________________________________________ wtp-dev mailing list wtp-dev@eclipse.org To unsubscribe from this list, visit https://www.eclipse.org/mailman/listinfo/wtp-dev