sourabhsparkala commented on pull request #203: URL: https://github.com/apache/shiro/pull/203#issuecomment-648866377
> @carnil the fix (a path traversal issue): [3708d79#diff-98f7bc5c0391389e56531f8b3754081aL139](https://github.com/apache/shiro/commit/3708d7907016bf2fa12691dff6ff0def1249b8ce#diff-98f7bc5c0391389e56531f8b3754081aL139) The above fix addressing CVE-2020-1957 seems to be reverted in this commit. https://github.com/apache/shiro/commit/b90f91875e5e18c4805013c2fa0567b1700f5a96#diff-98f7bc5c0391389e56531f8b3754081aR132 Leading to re-occurring of the CVE in our scan tools. Please let me know any plans for fixing this? ---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected]
