You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Daniel Wu (Jira)" <ji...@apache.org> on 2022/10/19 15:43:00 UTC

[jira] [Created] (WW-5246) commons-text CVE issue

Daniel Wu created WW-5246:
-----------------------------

             Summary: commons-text CVE issue
                 Key: WW-5246
                 URL: https://issues.apache.org/jira/browse/WW-5246
             Project: Struts 2
          Issue Type: Dependency
    Affects Versions: 6.0.3, 6.0.0
            Reporter: Daniel Wu


As you may already aware of the [NVD - CVE-2022-42889 (nist.gov) {color:#172b4d}+issue+{color}|https://nvd.nist.gov/vuln/detail/CVE-2022-42889], which impacts Apache Commons Text library (versions up to and including 1.9 are impacted). I am reaching out to your team to try to get an update on this issue. Could you let me know the estimated timeline for addressing this issue? It will be great if the upcoming release could include the fix. 

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)