You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@flume.apache.org by "Nikita Pande (Jira)" <ji...@apache.org> on 2023/02/13 14:06:00 UTC

[jira] [Created] (FLUME-3447) Upgrade commons-text version to fix CVE-2022-42889

Nikita Pande created FLUME-3447:
-----------------------------------

             Summary: Upgrade commons-text version to fix CVE-2022-42889
                 Key: FLUME-3447
                 URL: https://issues.apache.org/jira/browse/FLUME-3447
             Project: Flume
          Issue Type: Improvement
    Affects Versions: 1.11.0
            Reporter: Nikita Pande


Upgrade commons-text version to ensure downstream applications are not at risk from CVE-2022-42889.

[https://nvd.nist.gov/vuln/detail/CVE-2022-42889]

The CVE is related to variable expansion through the utility class {{{}org.apache.commons.text.lookup.StringLookup{}}}.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@flume.apache.org
For additional commands, e-mail: issues-help@flume.apache.org