You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@struts.apache.org by "Daniel Wu (Jira)" <ji...@apache.org> on 2022/10/19 18:49:00 UTC

[jira] [Updated] (WW-5246) commons-text CVE issue

     [ https://issues.apache.org/jira/browse/WW-5246?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Daniel Wu updated WW-5246:
--------------------------
    Issue Type: Improvement  (was: Dependency)

> commons-text CVE issue
> ----------------------
>
>                 Key: WW-5246
>                 URL: https://issues.apache.org/jira/browse/WW-5246
>             Project: Struts 2
>          Issue Type: Improvement
>    Affects Versions: 6.0.0, 6.0.3
>            Reporter: Daniel Wu
>            Priority: Critical
>
> As you may already aware of the [NVD - CVE-2022-42889 (nist.gov) {color:#172b4d}+issue+{color}|https://nvd.nist.gov/vuln/detail/CVE-2022-42889], which impacts Apache Commons Text library (versions up to and including 1.9 are impacted). I am reaching out to your team to try to get an update on this issue. Could you let me know the estimated timeline for addressing this issue? It will be great if the upcoming release could include the fix. 
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)