Uploaded image for project: 'Commons FileUpload'
  1. Commons FileUpload
  2. FILEUPLOAD-347

CVE in commons-io versions less than 2.7

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.4
    • 1.5
    • None

    • java 17 on macos

    Description

      Current version of commons-fileupload depends on common-io 2.2 which has a medium level CVE. Looks like the github unreleased version is already using the latest, so once this is released the CVE should go away.

      Attachments

        Issue Links

          is duplicated by

          Wish - General wishlist item. FILEUPLOAD-343 Update Project Version

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed

          Activity

            People

              Unassigned Unassigned
              mikebrew Michael Brewer
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: