Skip to content

Commit

Permalink
Update transitive angus-mail version to 2.0.2 to resolve CVE
Browse files Browse the repository at this point in the history 
The CVE is CVE-2021-44549 with a high (7.4) severity.

Closes #88
  • Loading branch information
@sleberknight
sleberknight committed Dec 19, 2023
1 parent 8d67fb4 commit a193b8a
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -27,6 +27,7 @@
<properties>
<cxf.version>4.0.3</cxf.version>
<jakarta.mail-api.version>2.1.2</jakarta.mail-api.version>
<angus.mail.version>2.0.2</angus.mail.version>

<!--
NOTE:
Expand Down Expand Up @@ -127,6 +128,12 @@
<version>${jakarta.mail-api.version}</version>
</dependency>

<dependency>
<groupId>org.eclipse.angus</groupId>
<artifactId>angus-mail</artifactId>
<version>${angus.mail.version}</version>
</dependency>

</dependencies>
</dependencyManagement>

Expand Down

0 comments on commit a193b8a

Please sign in to comment.