CVE and Aspose.Words old versions

@tahir.manzoor could you please try to answer the following questions nonetheless:

How people with older versions of Aspose can know their exposure to those issues?
This is the purpose of responsible disclosure procedure. Can you please share more information about the problems that were fixed?

We have the same problem. We are using an older version of Aspose.Words and are trying to find out if these issues are affecting us. This can only be done if additional information about the specific nature of these vulnerabilities is publicized.

Since the adaptation of a new version of Aspose.Words would be very costly, we would rather attempt to amend existing issues if at all possible instead of updating. Some of these vulnerabilities might not even apply to our particular setup. But in order to find out, we would require additional insights about these vulnerabilities.

Thank you in advance.

@0xJr

Please note that we do not provide support for older released versions of Aspose.Words. Moreover, we do not provide any fixes or patches for old versions of Aspose products either.

We always encourage our customers to use the latest version of Aspose.Words as it contains newly introduced features, enhancements and fixes to the issues that were reported earlier.

We would like to share with you that the reported security vulnerabilities issue was fixed in Aspose.Words for Java 18.10.