version of apache velocity 1.7 vulnerability

You need to login (link above) before you can post. If you do not yet have an account, please register.

ekaku replied

26 May 2021, 18:48
Thank you for your answer.
Leave a comment:
Isomorphic replied

26 May 2021, 18:41
This does not apply to the SmartGWT framework, because we do not provide an ability to for untrusted end users to upload Velocity templates.
Leave a comment:
ekaku started a topic version of apache velocity 1.7 vulnerability

26 May 2021, 18:35
version of apache velocity 1.7 vulnerability

I have a question.

apache velocity 1.7 vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2020-13936

I am use SmartGWT 12.1p(2121/4/8).I figured that version of smartclient is using velocity 1.7.
Will this vulnerability affect SmartGWT?

If affect is Yes, is there any plan to update to version apache velocity 2.3 recently? When will be released?
Tags: None

Previous template Next

Working...

Announcement