Lukasz Lenart created WW-5131:
---------------------------------
Summary: Upgrade commons-io to version 2.9
Key: WW-5131
URL: https://issues.apache.org/jira/browse/WW-5131
Project: Struts 2
Issue Type: Dependency
Reporter: Lukasz Lenart
Fix For: 2.6
Apache Commons IO 2.6 has a known vulnerability CVE-2021-29425 - yet upgrade
requires to use Java 8 which can be only done in Struts 2.6.
Users os Struts 2.5.x should upgrade commons-io manually when running on Java 8.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)