Hi Team,
As part of our search implementation, we are working on backend logic to traverse the parent nodes of a page up to certain levels using Apache Sling Queries (Query-inspired repository traversal tool for Sling).
Sling Query is a bundle which is not a part of AEM Felix console.
https://sling.apache.org/documentation/bundles/sling-query.html
https://mvnrepository.com/artifact/org.apache.sling/org.apache.sling.query/4.0.2
Questions:
1) Are we good to use this external bundle in AEM. Will there be any vulnerability/ security issue because of this external bundle usage.
As per our analysis, there is one vulnerability mentioned for Junit which is fixed with Java 17 & above and with Junit version 4.1.13.
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15250
2) Did any one already using this Apache Sling Query in their application?
3) Is there any best practices which we need to consider while using third party external bundles in AEM?
Kindly clarify. Thanks.
