[jira] [Created] (KARAF-7737) Stepup to use latest commons-fileupload

Karthick (Jira) Mon, 07 Aug 2023 22:38:09 -0700

Karthick created KARAF-7737:
-------------------------------

             Summary: Stepup to use latest commons-fileupload
                 Key: KARAF-7737
                 URL: https://issues.apache.org/jira/browse/KARAF-7737
             Project: Karaf
          Issue Type: Task
          Components: karaf
    Affects Versions: 4.4.3
            Reporter: Karthick



We use latest Apache Karaf runtime 4.4.3. Our security scanners flag 
CVE-2023-24988 on this because the karaf.webconsole 
[https://mvnrepository.com/artifact/org.apache.karaf.webconsole/org.apache.karaf.webconsole.console/4.4.3]
 uses vulnerable commons-fileupload 1.4

 

There is new version of this fileupload which is clear from the CVE. So please 
stepup to the newer version in the upcoming Karaf release.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (KARAF-7737) Stepup to use latest commons-fileupload

Reply via email to