OpenGrok tools allow you to "deploy" a war file for the app rather than using the devel/opengrok port. This likely means the old version is vulnerable to CVE-2021–2322 It should get updated to at least version 1.6.9.
@Reporter Can you provide upstream and addition references / links with regard to this issue?
^Triage: opengrok-tools is developed in the same repository as opengrok, and may require matching versions to the underlying opengrok version. Set dependency on the opengrok issue accordingly Needs confirmation. Note also: Latest opengrok version is 1.7.25
devel/opengrok has been upgraded to 1.7.31, which is now the latest.
^Triage: Assign to committer that resolved (via bug 260534)