Announcement
Collapse
No announcement yet.
X
-
This does not apply to the SmartGWT framework, because we do not provide an ability to for untrusted end users to upload Velocity templates.
Leave a comment:
-
version of apache velocity 1.7 vulnerability
I have a question.
apache velocity 1.7 vulnerability
https://nvd.nist.gov/vuln/detail/CVE-2020-13936
I am use SmartGWT 12.1p(2121/4/8).I figured that version of smartclient is using velocity 1.7.
Will this vulnerability affect SmartGWT?
If affect is Yes, is there any plan to update to version apache velocity 2.3 recently? When will be released?Tags: None
Leave a comment: