[
https://issues.apache.org/jira/browse/IO-461?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Sebb resolved IO-461.
---------------------
Resolution: Not a Problem
Agreed.
If the tool shows a problem with the current version of IO (2.4) then please
re-open the issue with sufficient details to be able to investigate it.
> Veracode scan detected OS command injection vulnerability in
> commons-io-1.2.jar - FileSystemUtils.java:357
> ----------------------------------------------------------------------------------------------------------
>
> Key: IO-461
> URL: https://issues.apache.org/jira/browse/IO-461
> Project: Commons IO
> Issue Type: Bug
> Affects Versions: 1.2
> Reporter: Arkadeep Kundu
>
> Commons IO is embedded in EMC Corporation's DFS 6.7SP1.
> We performed Veracode scan for DFS 6.7SP1 and scan reported that code in
> commons-io-1.2.jar - FileSystemUtils.java:357 (no further details) is
> POSSIBLY vulnerable for OS command injection attacks.
> Need update on this from Apache side.
> It it really vulnerable? if yes, is it fixed in some future version?
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
