You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@directory.apache.org by "Emmanuel Lécharny (Jira)" <ji...@apache.org> on 2023/04/06 04:57:00 UTC

[jira] [Created] (DIRAPI-390) Upgrade commons-text as it flags the project with CVE-2022-42889

Emmanuel Lécharny created DIRAPI-390:
----------------------------------------

             Summary: Upgrade commons-text as it flags the project with CVE-2022-42889
                 Key: DIRAPI-390
                 URL: https://issues.apache.org/jira/browse/DIRAPI-390
             Project: Directory Client API
          Issue Type: Task
    Affects Versions: 2.1.2
            Reporter: Emmanuel Lécharny
             Fix For: 2.1.3


We use commons-text, which is subject to CVE-2022-42889.

Even if we don't use the part that triggers this CVE, tools are now flagging the LDAP API as vulnerable because we depends on this library.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org