[ https://issues.apache.org/jira/browse/MSHARED-1450?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
jycr updated MSHARED-1450: -------------------------- Description: The latest current version of [maven-shared-utils 3.4.2|https://github.com/apache/maven-shared-utils/releases/tag/maven-shared-utils-3.4.2] (released on May 15, 2023) is vulnerable to [CVE-2024-47554|https://ossindex.sonatype.org/vulnerability/CVE-2024-47554]. Commit [14d655b |https://github.com/apache/maven-shared-utils/commit/14d655bd34a310761f395d83eeae644092cd5c5f] was added to fix this issue in the {{main}} branch on Mar 30, 2024. Can you create a new version of {{maven-shared-utils}} that includes this commit to fix this CVE? was: The latest current version of [maven-shared-utils 3.4.2|https://github.com/apache/maven-shared-utils/releases/tag/maven-shared-utils-3.4.2] (released on May 15, 2023) is vulnerable to [CVE-2024-47554|https://ossindex.sonatype.org/vulnerability/CVE-2024-47554]. Commit [14d655b |https://github.com/apache/maven-shared-utils/commit/14d655bd34a310761f395d83eeae644092cd5c5f] was added to fix this issue in the {{main}} branch on Mar 30, 2024. Can you create a new version of {{file-management}} that includes this commit to fix this CVE? > Make release of 'maven-shared-utils' to fix CVE-2024-47554 > ---------------------------------------------------------- > > Key: MSHARED-1450 > URL: https://issues.apache.org/jira/browse/MSHARED-1450 > Project: Maven Shared Components > Issue Type: Bug > Components: maven-shared-utils > Affects Versions: maven-shared-utils-3.4.2 > Reporter: jycr > Priority: Critical > > The latest current version of [maven-shared-utils > 3.4.2|https://github.com/apache/maven-shared-utils/releases/tag/maven-shared-utils-3.4.2] > (released on May 15, 2023) is vulnerable to > [CVE-2024-47554|https://ossindex.sonatype.org/vulnerability/CVE-2024-47554]. > Commit [14d655b > |https://github.com/apache/maven-shared-utils/commit/14d655bd34a310761f395d83eeae644092cd5c5f] > was added to fix this issue in the {{main}} branch on Mar 30, 2024. > Can you create a new version of {{maven-shared-utils}} that includes this > commit to fix this CVE? -- This message was sent by Atlassian Jira (v8.20.10#820010)