Good morning, all. org.apache.directory.api:api-all depends on Apache text-commons version 1.9 which has a CVE with a score of 9.8. Is there an update in the works that uses a non-vulnerable version of text-commons? I didn't find an issue in Jia.
Also, is the usage of the LDAP client susceptible to the issue? The CVE is CVE-2022-42889. -- TIA! Travis Spencer --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@directory.apache.org For additional commands, e-mail: users-h...@directory.apache.org
