[jira] [Created] (CXF-8778) Upgrade commons-text to address CVE-2022-42889

Ragul (Jira) Thu, 27 Oct 2022 04:02:04 -0700

Ragul created CXF-8778:
--------------------------

             Summary: Upgrade commons-text to address CVE-2022-42889
                 Key: CXF-8778
                 URL: https://issues.apache.org/jira/browse/CXF-8778
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.4.9, 3.5.4
            Reporter: Ragul



Version 3.5.4 & 3.4.9 of CXF contains the apache commons-text vulnerable 
library (1.9) 

[CVE - CVE-2022-42889 
(mitre.org)|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42889]

Fix was available in 1.10.0 commons-text

Is there any plan to upgrade and address this issue?



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (CXF-8778) Upgrade commons-text to address CVE-2022-42889

Reply via email to