[ https://issues.apache.org/jira/browse/MNG-7513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17568104#comment-17568104 ]
Hudson commented on MNG-7513: ----------------------------- Build succeeded in Jenkins: Maven » Maven TLP » maven » PR-770 #2 See https://ci-maven.apache.org/job/Maven/job/maven-box/job/maven/job/PR-770/2/ > Address commons-io_commons-io vulnerability found in maven latest version > ------------------------------------------------------------------------- > > Key: MNG-7513 > URL: https://issues.apache.org/jira/browse/MNG-7513 > Project: Maven > Issue Type: Task > Affects Versions: 3.8.6 > Reporter: Polu Ram Charan Teja > Assignee: Michael Osipov > Priority: Major > Fix For: 3.9.0, 4.0.0-alpha-1, 4.0.0 > > > In the maven latest version 3.8.6 one dependency is identified with known > vulnerabilities in commons-io-2.6.jar CVE-2021-29425. so please suggest if > you have plan to upgrade commons-io to latest version as we are getting > impacted due to security checks -- This message was sent by Atlassian Jira (v8.20.10#820010)