[jira] [Commented] (MNG-7513) Address commons-io_commons-io vulnerability found in maven latest version

ASF GitHub Bot (Jira) Mon, 18 Jul 2022 07:11:07 -0700


    [ 
https://issues.apache.org/jira/browse/MNG-7513?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17568020#comment-17568020
 ]


ASF GitHub Bot commented on MNG-7513:
-------------------------------------

michael-o commented on code in PR #771:
URL: https://github.com/apache/maven/pull/771#discussion_r923419579


##########
pom.xml:
##########
@@ -300,6 +301,13 @@ under the License.
         <groupId>org.apache.maven.shared</groupId>
         <artifactId>maven-shared-utils</artifactId>

Review Comment:
   No, not yet. All coloring is in m-s-u.





> Address commons-io_commons-io vulnerability found in maven latest version
> -------------------------------------------------------------------------
>
>                 Key: MNG-7513
>                 URL: https://issues.apache.org/jira/browse/MNG-7513
>             Project: Maven
>          Issue Type: Task
>    Affects Versions: 3.8.6
>            Reporter: Polu Ram Charan Teja
>            Priority: Major
>
> In the maven latest version 3.8.6 one dependency is identified with known 
> vulnerabilities in commons-io-2.6.jar CVE-2021-29425. so please suggest if 
> you have plan to upgrade commons-io to latest version as we are getting 
> impacted due to security checks



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (MNG-7513) Address commons-io_commons-io vulnerability found in maven latest version

Reply via email to