[jira] [Resolved] (JEXL-444) Vulnerabilities (CVE-2025-48924) found in maven for jexl 3.5.0

Gary D. Gregory (Jira) Fri, 25 Jul 2025 10:55:03 -0700


     [ 
https://issues.apache.org/jira/browse/JEXL-444?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Gary D. Gregory resolved JEXL-444.
----------------------------------
    Fix Version/s: 3.5.1
       Resolution: Fixed

[~xupengcheng] 

This is already done is gir master. 

Until the release, you can update the dependency in your pom.xml.

> Vulnerabilities (CVE-2025-48924) found in maven for jexl 3.5.0
> --------------------------------------------------------------
>
>                 Key: JEXL-444
>                 URL: https://issues.apache.org/jira/browse/JEXL-444
>             Project: Commons JEXL
>          Issue Type: Improvement
>            Reporter: Xu Pengcheng
>            Priority: Major
>             Fix For: 3.5.1
>
>
> [https://mvnrepository.com/artifact/org.apache.commons/commons-jexl3/3.5.0]
> Can you please help to upgrade the dependency.
> BTW, when will 3.5.1 be released?
> Thanks!



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Resolved] (JEXL-444) Vulnerabilities (CVE-2025-48924) found in maven for jexl 3.5.0

Reply via email to