Uploaded image for project: 'Maven'
  1. Maven
  2. MNG-7513

Address commons-io_commons-io vulnerability found in maven latest version

    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.8.6
    • 3.8.7, 3.9.0, 4.0.0-alpha-2, 4.0.0
    • None
    • None

    Description

      In the maven latest version 3.8.6 one dependency is identified with known vulnerabilities in commons-io-2.6.jar CVE-2021-29425. so please suggest if you have plan to upgrade commons-io to latest version as we are getting impacted due to security checks

      Attachments

        Issue Links

          is duplicated by

          Bug - A problem which impairs or prevents the functions of the product. MNG-7533 jar v2.6 has medium (CVE-2021-29425) Prisma vulnerability associated with maven v3.8.6

          • Major - Major loss of function.
          • Closed
          links to

          Web Link GitHub Pull Request #771

          Activity

            People

              michael-o Michael Osipov
              polu_ram_charan_teja Polu Ram Charan Teja
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: