[jira] [Commented] (FILEUPLOAD-339) OWASP - Dependency-Check found vulnerable dependencies.

Paulo Machado (Jira) Thu, 12 Aug 2021 15:58:09 -0700


    [ 
https://issues.apache.org/jira/browse/FILEUPLOAD-339?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17398342#comment-17398342
 ]


Paulo Machado commented on FILEUPLOAD-339:
------------------------------------------

Hi [~michael-o],

I made a mistake, sorry about that.

The correct CVE is [https://nvd.nist.gov/vuln/detail/CVE-2021-29425]

Actually, there is a Jira for it, but it's marked as resolved. But I didn't how 
it was solved.

https://issues.apache.org/jira/browse/IO-556

[https://lists.apache.org/thread.html/rc359823b5500e9a9a2572678ddb8e01d3505a7ffcadfa8d13b8780ab%40%3Cuser.commons.apache.org%3E]

kind regards,

Paulo

> OWASP - Dependency-Check found vulnerable dependencies.
> -------------------------------------------------------
>
>                 Key: FILEUPLOAD-339
>                 URL: https://issues.apache.org/jira/browse/FILEUPLOAD-339
>             Project: Commons FileUpload
>          Issue Type: Bug
>    Affects Versions: 1.4
>            Reporter: Paulo Machado
>            Priority: Major
>
> Hi guys,
> We have a vulnerability when we use commons-io 2.2:
> [https://nvd.nist.gov/vuln/detail/CVE-2021-35515]
> Could you update it for the latest one, please?
> Thank you!



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (FILEUPLOAD-339) OWASP - Dependency-Check found vulnerable dependencies.

Reply via email to