Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

dependency commons-beanutils 1.8.3 vulnerability

Description

commons-beanutils needs to be updated to at least 1.9.3 to fix CVE-2019-10086.

It turns out it's not too difficult to do, it just required masking out commons-beanutils-core in a few dependencies, as they don't split -core out anymore as of 1.9.

Acceptance / Success Criteria

None

Lucidchart Diagrams

Activity

Show:

Benjamin Reed June 25, 2020 at 2:46 PM

Fixed in foundation-2016 and up.

Benjamin Reed June 16, 2020 at 7:27 PM

Fixed

Details

Assignee

Reporter

Labels

Sprint

Fix versions

Affects versions

Priority

PagerDuty

Created June 16, 2020 at 7:14 PM
Updated July 13, 2020 at 3:38 PM
Resolved June 25, 2020 at 2:46 PM

Flag notifications