[jira] [Created] (TOMAHAWK-1691) Fix CVE-2025-48924 by updating to commons-lang3:3.18.0

Nikolai Novik (Jira) Wed, 30 Jul 2025 06:17:52 -0700

Nikolai Novik created TOMAHAWK-1691:
---------------------------------------


             Summary: Fix CVE-2025-48924 by updating to commons-lang3:3.18.0
                 Key: TOMAHAWK-1691
                 URL: https://issues.apache.org/jira/browse/TOMAHAWK-1691
             Project: MyFaces Tomahawk
          Issue Type: Bug
    Affects Versions: 1.1.14, 1.1.13, 1.1.12, 1.1.11, 1.1.10, 1.1.9, 1.1.8, 
1.1.7, 1.1.6, 1.1.5, 1.1.3, 1.1.2, 1.1.1, 1.1.15-SNAPSHOT
            Reporter: Nikolai Novik


[CVE-2025-48924|https://nvd.nist.gov/vuln/detail/CVE-2025-48924] was revealed 
in {{{}commons-lang:2.4{}}}, which is currently on the list of [dependencies 
for MyFaces 
Tomahawk|https://svn-eu.apache.org/repos/asf/myfaces/site/publish/tomahawk-project/tomahawk/dependencies.html]
 library.

As there is no available fix in {{{}commons-lang:2.x{}}}, Tomahawk should be 
switched to {{{}commons-lang3:3.18.0{}}}.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (TOMAHAWK-1691) Fix CVE-2025-48924 by updating to commons-lang3:3.18.0

Reply via email to