Uploaded image for project: 'ActiveMQ Artemis'
  1. ActiveMQ Artemis
  2. ARTEMIS-4069

CVE-2022-42889: commons-text-1.9

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 2.26.0
    • None
    • None
    • None

    Description

      Based on https://nvd.nist.gov/vuln/detail/CVE-2022-42889, commons-text-1.9 (which is a transitive dependency of Artemis) is vulnerable due to the StringLookup feature. 

      Please provide information about the impact (is Artemis vulnerable?), and ETA for upgrading to a non-vulnerable version. 

      Attachments

        Issue Links

          duplicates

          Dependency upgrade - Upgrading a dependency to a newer version ARTEMIS-4060 Upgrade Commons Text to 1.10.0

          • Critical - Crashes, loss of data, severe memory leak.
          • Closed

          Activity

            People

              Unassigned Unassigned
              jakubmoravec Jakub Moravec
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: