You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@commons.apache.org by "Ramakrishnan (Jira)" <ji...@apache.org> on 2020/06/11 05:38:00 UTC
[jira] [Created] (DIGESTER-193) Upgrade commons-beanutils to 1.9.4
Ramakrishnan created DIGESTER-193:
-------------------------------------
Summary: Upgrade commons-beanutils to 1.9.4
Key: DIGESTER-193
URL: https://issues.apache.org/jira/browse/DIGESTER-193
Project: Commons Digester
Issue Type: Bug
Affects Versions: 3.2
Reporter: Ramakrishnan
Upgrade commons-beanutils to 1.9.4
*Vulnerability:*
commons-beanutils-1.8.3.jar (pkg:maven/commons-beanutils/commons-beanutils@1.8.3, cpe:2.3:a:apache:commons_beanutils:1.8.3:*:*:*:*:*:*:*) : CVE-2014-0114, CVE-2019-10086
Refer: https://nvd.nist.gov/vuln/detail/CVE-2014-0114
*Dependency Tree:*
[INFO] | +- org.apache.commons:commons-digester3:jar:3.2:compile
[INFO] | | +- cglib:cglib:jar:2.2.2:compile
[INFO] | | | \- asm:asm:jar:3.3.1:compile
[INFO] | | +- commons-beanutils:commons-beanutils:jar:1.8.3:compile
[INFO] | | \- commons-logging:commons-logging:jar:1.1.1:compile
--
This message was sent by Atlassian Jira
(v8.3.4#803005)