You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@commons.apache.org by "Dinesh (Jira)" <ji...@apache.org> on 2022/08/09 08:33:00 UTC

[jira] [Comment Edited] (VALIDATOR-390) Upgrade to Commons Collections 4.x

    [ https://issues.apache.org/jira/browse/VALIDATOR-390?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17577268#comment-17577268 ] 

Dinesh edited comment on VALIDATOR-390 at 8/9/22 8:32 AM:
----------------------------------------------------------

Hi, 

There is security issue related to apache commons collection version < 4.3.x, Ref: [https://advisory.checkmarx.net/advisory/vulnerability/Cx78f40514-81ff/]

Adding this comment just to avoid version less than 4.3


was (Author: bhagat_dineshbe2006):
Hi, 

There is security issue related to apache commons collection version < 4.3.x, Ref: [https://advisory.checkmarx.net/advisory/vulnerability/Cx78f40514-81ff/]



 

> Upgrade to Commons Collections 4.x
> ----------------------------------
>
>                 Key: VALIDATOR-390
>                 URL: https://issues.apache.org/jira/browse/VALIDATOR-390
>             Project: Commons Validator
>          Issue Type: Improvement
>            Reporter: Jake Brownell
>            Priority: Minor
>
> Commons Validator 1.5 now uses Java 1.6. Commons Collections 4.0/4.1 has the same Java requirement.
> I noticed that CV seems to be the only one of many third party dependencies in my project that requires CC 3.2.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)