[jira] [Commented] (SOLR-16324) CVE-2022-33980 in commons-configuration2

Kevin Risden (Jira) Fri, 05 Aug 2022 06:41:07 -0700


    [ 
https://issues.apache.org/jira/browse/SOLR-16324?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17575848#comment-17575848
 ]


Kevin Risden commented on SOLR-16324:
-------------------------------------

https://github.com/apache/solr/blob/main/versions.props#L38 should just be 
bumped it looks like.

> CVE-2022-33980 in commons-configuration2
> ----------------------------------------
>
>                 Key: SOLR-16324
>                 URL: https://issues.apache.org/jira/browse/SOLR-16324
>             Project: Solr
>          Issue Type: Bug
>      Security Level: Public(Default Security Level. Issues are Public) 
>            Reporter: Andrew Kulick
>            Priority: Major
>
> CVE-2022-33980 is present in org.apache.commons_commons-configuration2:2.7. 
> Upgrading to version 2.8 will remediate the issue



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Commented] (SOLR-16324) CVE-2022-33980 in commons-configuration2

Reply via email to