Uploaded image for project: 'Commons FileUpload'
  1. Commons FileUpload
  2. FILEUPLOAD-347

CVE in commons-io versions less than 2.7

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Task
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 1.4
    • 1.5
    • None

    • java 17 on macos

    Description

      Current version of commons-fileupload depends on common-io 2.2 which has a medium level CVE. Looks like the github unreleased version is already using the latest, so once this is released the CVE should go away.

      Attachments

        Issue Links

        is duplicated by

        Wish - General wishlist item. FILEUPLOAD-343 Update Project Version

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Closed

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            mikebrew Michael Brewer
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment