You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@struts.apache.org by "Daniel Wu (Jira)" <ji...@apache.org> on 2022/10/19 15:43:00 UTC
[jira] [Created] (WW-5246) commons-text CVE issue
Daniel Wu created WW-5246:
-----------------------------
Summary: commons-text CVE issue
Key: WW-5246
URL: https://issues.apache.org/jira/browse/WW-5246
Project: Struts 2
Issue Type: Dependency
Affects Versions: 6.0.3, 6.0.0
Reporter: Daniel Wu
As you may already aware of the [NVD - CVE-2022-42889 (nist.gov) {color:#172b4d}+issue+{color}|https://nvd.nist.gov/vuln/detail/CVE-2022-42889], which impacts Apache Commons Text library (versions up to and including 1.9 are impacted). I am reaching out to your team to try to get an update on this issue. Could you let me know the estimated timeline for addressing this issue? It will be great if the upcoming release could include the fix.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)