Wednesday, March 28, 2012

Re: Aspect Security / Sonatype Study - GWT Vunlerabilities

On Wednesday, March 28, 2012 11:10:44 AM UTC-4, Geoffrey Wiseman wrote:
This study by Aspect Security and Sonatype is making the rounds, and implies that GWT is the most-downloaded component in Maven central with security vulnerabilities:

I've asked, but I'm curious which GWT vulnerabilities they might be including here.

The one that comes up the most in searches for me is this (relatively ancient) GWT 1.5/1.6-era RSS/XSS vulnerability:

If they're using this one, I'm curious if their download stats only include affected versions.

You received this message because you are subscribed to the Google Groups "Google Web Toolkit" group.
To view this discussion on the web visit
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit this group at

No comments:

Post a Comment