[ https://issues.apache.org/jira/browse/SUREFIRE-1938?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Tibor Digana updated SUREFIRE-1938: ----------------------------------- Summary: Upgrade Apache commons-compress to Version 1.21 (was: Upgrade commons-compress to Version 1.21) > Upgrade Apache commons-compress to Version 1.21 > ----------------------------------------------- > > Key: SUREFIRE-1938 > URL: https://issues.apache.org/jira/browse/SUREFIRE-1938 > Project: Maven Surefire > Issue Type: Dependency upgrade > Components: Maven Surefire Plugin > Reporter: Johannes > Priority: Critical > Fix For: 3.0.0-M6 > > > Apache commons compress before 1.21 exposes these CVE-2021-35515, > CVE-2021-35516, CVE-2021-35517 > and CVE-2021-36090 critical vulnerabilities. -- This message was sent by Atlassian Jira (v8.20.1#820001)