This repository was archived by the owner on Jun 13, 2025. It is now read-only.
This repository was archived by the owner on Jun 13, 2025. It is now read-only.
Migrating to jboss-xerces from apache-xerces #19
{{ message }}
Hello team,
BluckDuck reports Apache xercesImpl version 2.12.2 as vulnerable which latest available version of this library from Apache.
To avoid the reported vulnerability we will use Jboss xerces version 2.12.0-SP. However, we are not sure these two artifacts are proper alternatives. Does moving to Jboss xercesImpl not cause any regresssion issue?
Thanks,
Khusanjon.