Details
-
Bug
-
Status: Closed
-
Critical
-
Resolution: Duplicate
-
1.23, 1.24, 1.24.1
-
None
-
None
-
None
Description
Latest tika-bundle jars use commons-io-1.26.jar in them.
There is a vulnerability reported for commons-io-2.6.jar which is fixed in version 2.7.
Details can be found in the following link:
Project: https://issues.apache.org/jira/browse/IO-559
Please upgrade the version for commons-io to 2.7 in next release.