Details
-
Improvement
-
Status: Closed
-
Major
-
Resolution: Fixed
-
1.12.4
Description
commons-io 2.7 has known vulnerabilities that are detected in Flink by some tools. Even though it is unlikely that we use the mentioned class. We should upgrade it to make the tools happy.
Context:
VULNDB-239195 "Vendor Specific News/Changelog Entry https://commons.apache.org/proper/commons-io/changes-report.html#a2.8.0 Vendor Specific Solution URL https://github.com/apache/commons-io/commit/0de91c048fb575b9e7906e966a4428574fd03695 Vendor Specific Solution URL https://github.com/apache/commons-io/commit/97ae01c95837f50a2e9be34c370b271c4d8fc88b Bug Tracker https://issues.apache.org/jira/browse/IO-675"
Attachments
Issue Links
- links to