You are viewing a plain text version of this content. The canonical link for it is here.

Posted to user@commons.apache.org by Debraj Manna <su...@gmail.com> on 2020/05/27 10:55:06 UTC

Updating common-beanutils 1.9.2 on common-validator

Hi

common-validator 1.6 uses common-beanutils 1.9.2 which has a vulnerability
as explained in the below link

https://vuldb.com/?id.140386

Is there any plan for updating the common-beanutils to the latest in
common-validator?

Thanks,

Re: Updating common-beanutils 1.9.2 on common-validator

Posted by Gary Gregory <ga...@gmail.com>.

Hi,

You can update the dependency to common-beanutils 1.9.4 in your own POM or
whatever you use to manage dependencies (Ivy, Gradle, and so on.)

There is no schedule for release Commons Validator at this time, I imagine
it will happen at some undetermined time in the future.

Gary

On Wed, May 27, 2020 at 6:55 AM Debraj Manna <su...@gmail.com>
wrote:

> Hi
>
> common-validator 1.6 uses common-beanutils 1.9.2 which has a vulnerability
> as explained in the below link
>
> https://vuldb.com/?id.140386
>
> Is there any plan for updating the common-beanutils to the latest in
> common-validator?
>
> Thanks,
>