[jira] [Created] (IO-461) Veracode scan detected OS command injection vulnerability in commons-io-1.2.jar - FileSystemUtils.java:357

Arkadeep Kundu (JIRA) Mon, 01 Dec 2014 01:58:31 -0800

Arkadeep Kundu created IO-461:
---------------------------------

             Summary: Veracode scan detected OS command injection vulnerability 
in commons-io-1.2.jar - FileSystemUtils.java:357
                 Key: IO-461
                 URL: https://issues.apache.org/jira/browse/IO-461
             Project: Commons IO
          Issue Type: Bug
    Affects Versions: 1.2
            Reporter: Arkadeep Kundu



Commons IO is embedded in EMC Corporation's DFS 6.7SP1.
We performed Veracode scan for DFS 6.7SP1 and scan reported that code in 
commons-io-1.2.jar - FileSystemUtils.java:357 (no further details) is POSSIBLY 
vulnerable.

Need update on this from Apache side.
It it really vulnerable? if yes, is it fixed in some future version?



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

[jira] [Created] (IO-461) Veracode scan detected OS command injection vulnerability in commons-io-1.2.jar - FileSystemUtils.java:357

Reply via email to