[
https://issues.apache.org/jira/browse/FLINK-38193?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Jakub Stejskal updated FLINK-38193:
-----------------------------------
Description: Flink seems to be affected by
[CVE-2025-48924|https://nvd.nist.gov/vuln/detail/CVE-2025-48924] This should be
fixable by bump commons-lang3 to 3.18 or newer. (was: Flink seems to be
affected by [CVE-2025-48924|[https://nvd.nist.gov/vuln/detail/CVE-2025-48924]]
This should be fixable by bump commons-lang3 to 3.18 or newer.)
> Upgrade org.apache.commons:commons-lang3 from 3.12.0 to 3.18.0 to mitigate
> CVE-2025-48924
> -----------------------------------------------------------------------------------------
>
> Key: FLINK-38193
> URL: https://issues.apache.org/jira/browse/FLINK-38193
> Project: Flink
> Issue Type: Improvement
> Components: Connectors / Common, Connectors / FileSystem
> Affects Versions: 2.1.0, 2.1.1
> Reporter: Jakub Stejskal
> Priority: Major
> Labels: pull-request-available
>
> Flink seems to be affected by
> [CVE-2025-48924|https://nvd.nist.gov/vuln/detail/CVE-2025-48924] This should
> be fixable by bump commons-lang3 to 3.18 or newer.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
