Hi,
I'd like to inform you about a possible limited path traversal
vulnerability, that has been detected in Apache Commons IO 2.2 to 2.6.
This is now being tracked as CVE-2021-29425. Fortunately, this has
already been covered in versions 2.7, and 2.8.
On behalf of the Apache Commons team,
Jochen
Hi
Sorry for the delayed response. Thanks for your patience. Please
find my comments below:
(1) Why not Spark? [At least post over there (?).]
--We can move to Spark. But it will be very much useful if the things
can also run without Spark. The use of Spark would make more sense
