Announcement

Collapse
No announcement yet.
X
  • Filter
  • Time
Clear All
new posts

    version of apache velocity 1.7 vulnerability

    I have a question.

    apache velocity 1.7 vulnerability
    https://nvd.nist.gov/vuln/detail/CVE-2020-13936

    I am use SmartGWT 12.1p(2121/4/8).I figured that version of smartclient is using velocity 1.7.
    Will this vulnerability affect SmartGWT?

    If affect is Yes, is there any plan to update to version apache velocity 2.3 recently? When will be released?

    #2
    This does not apply to the SmartGWT framework, because we do not provide an ability to for untrusted end users to upload Velocity templates.

    Comment


      #3
      Thank you for your answer.

      Comment

      Working...
      X