You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@flume.apache.org by "Nikita Pande (Jira)" <ji...@apache.org> on 2023/02/13 14:06:00 UTC
[jira] [Created] (FLUME-3447) Upgrade commons-text version to fix CVE-2022-42889
Nikita Pande created FLUME-3447:
-----------------------------------
Summary: Upgrade commons-text version to fix CVE-2022-42889
Key: FLUME-3447
URL: https://issues.apache.org/jira/browse/FLUME-3447
Project: Flume
Issue Type: Improvement
Affects Versions: 1.11.0
Reporter: Nikita Pande
Upgrade commons-text version to ensure downstream applications are not at risk from CVE-2022-42889.
[https://nvd.nist.gov/vuln/detail/CVE-2022-42889]
The CVE is related to variable expansion through the utility class {{{}org.apache.commons.text.lookup.StringLookup{}}}.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@flume.apache.org
For additional commands, e-mail: issues-help@flume.apache.org