[jira] [Assigned] (KARAF-7737) Stepup to use latest commons-fileupload

Jira Sun, 27 Aug 2023 23:09:04 -0700


     [ 
https://issues.apache.org/jira/browse/KARAF-7737?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Jean-Baptiste Onofré reassigned KARAF-7737:
-------------------------------------------

    Assignee: Jean-Baptiste Onofré

> Stepup to use latest commons-fileupload
> ---------------------------------------
>
>                 Key: KARAF-7737
>                 URL: https://issues.apache.org/jira/browse/KARAF-7737
>             Project: Karaf
>          Issue Type: Task
>          Components: karaf
>    Affects Versions: 4.4.3
>            Reporter: Karthick
>            Assignee: Jean-Baptiste Onofré
>            Priority: Minor
>              Labels: security
>
> We use latest Apache Karaf runtime 4.4.3. Our security scanners flag 
> CVE-2023-24988 on this because the karaf.webconsole 
> [https://mvnrepository.com/artifact/org.apache.karaf.webconsole/org.apache.karaf.webconsole.console/4.4.3]
>  uses vulnerable commons-fileupload 1.4
>  
> There is new version of this fileupload which is clear from the CVE. So 
> please stepup to the newer version in the upcoming Karaf release.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Assigned] (KARAF-7737) Stepup to use latest commons-fileupload

Reply via email to