We are looking to purchase the ‘Aspose.total for Java’ product, Aspose policy is not respond to security assessment.
Is the CVE-2019-5032 vulnerability an issue with Aspose.total ?
Do you retain a list of vulnerabilities being worked?
Any limitations on the trial software we have if we run a local malware (Crowdstrike) against it?
Thanks
@TandFSP
Please note that we keep checking our APIs from time to time for any possible vulnerabilities and remove them as well. That is why we always recommend using the latest available version. We suggest you please download and try Aspose.PDF for Java 22.3 with a temporary 30-days free license and let us know in case you find any issues.
@TandFSP
Adding more to our previous response, a ticket as PDFJAVA-41545 has also been registered in our issue management system to investigate the mentioned vulnerability. The ticket has been linked to this forum thread so that you may receive a notification as soon as it is resolved. Please be patient and spare us some time.
The issues you have found earlier (filed as PDFJAVA-41545) have been fixed in Aspose.PDF for Java 22.7.