Re: [go-cd] Go-Agent || CVE-2022-42889

Hiya GoCD has been using commons-text 1.10 (with the issue you refer to fixed) since GoCD 22.3.0: https://github.com/gocd/gocd/commit/293022076385c48c9fb41485b5674fa2e69c29c1 The agent *bootstrapper* doesn't use commons-text at all, however the agent jar which is dynamically downloaded from the s

[go-cd] Go-Agent || CVE-2022-42889

Hello There, Any idea how can if there a remediation for (CVE-2022-42889 - Arbitrary code execution in Apache Commons Text · CVE-2022-42889 · GitHub Advisory Database ) on (go-agent), please? I am using go-agent (v23.1) and I found it is usin