jxls icon indicating copy to clipboard operation
jxls copied to clipboard

Published 20 hours ago verified publisher icon jxlsteam

Fix current CVE in JXLS 3.0.0

Open uek06 opened this issue 7 months ago • 1 comments

Hello,

jxls-poi version 3.0.0 has 2 CVE from dependencies that would be easy to correct :

  • org.apache.poi : poi : 5.2.2 => upgrade to 5.2.4
  • org.apache.commons : commons-compress : 1.25.0 => upgrade to 1.26.0

Is it possible to release a version 3.0.1 with theses fixes ?

Thanks

uek06 avatar Jul 16 '24 12:07 uek06