You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@maven.apache.org by "Michael Osipov (Jira)" <ji...@apache.org> on 2022/12/20 10:00:00 UTC
[jira] [Updated] (MNG-7513) Address commons-io_commons-io vulnerability found in maven latest version
[ https://issues.apache.org/jira/browse/MNG-7513?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Michael Osipov updated MNG-7513:
--------------------------------
Fix Version/s: 3.8.x-candidate
> Address commons-io_commons-io vulnerability found in maven latest version
> -------------------------------------------------------------------------
>
> Key: MNG-7513
> URL: https://issues.apache.org/jira/browse/MNG-7513
> Project: Maven
> Issue Type: Task
> Affects Versions: 3.8.6
> Reporter: Polu Ram Charan Teja
> Assignee: Michael Osipov
> Priority: Major
> Fix For: 3.8.x-candidate, 3.9.0, 4.0.0-alpha-2, 4.0.0
>
>
> In the maven latest version 3.8.6 one dependency is identified with known vulnerabilities in commons-io-2.6.jar CVE-2021-29425. so please suggest if you have plan to upgrade commons-io to latest version as we are getting impacted due to security checks
--
This message was sent by Atlassian Jira
(v8.20.10#820010)