You are not logged in. Click here
to log in.
codebeamer Application Lifecycle Management (ALM)
Apache Commons Text Packages VulnerabilityDescriptionCVE-2022-42889A flaw was found in Apache Commons Text packages 1.5 through 1.9. The affected versions allow an attacker to benefit from a variable interpolation process contained in Apache Commons Text, which can cause properties to be dynamically defined. Server applications are vulnerable to remote code execution (RCE) and unintentional contact with untrusted remote servers.
The flaw does not impact codebeamer services in any codebeamer version. The codebeamer 22.10 (GINA) release will be packaged with the new commons-text-1.10.0.jar file. The release is scheduled for end of October 2022.
Source: CVE-2022-42889
It is possible to replace the JAR file manually. To do this, perform the following steps:
|
codebeamer Overview codebeamer Knowledge Base Services by Intland Software |
This website stores cookies on your computer. These cookies are used to improve your browsing experience, constantly optimize the functionality and content of our website, furthermore helps us to understand your interests and provide more personalized services to you, both on this website and through other media. With your permission we and our partners may use precise geolocation data and identification through device scanning. You may click accept to consent to our and our partners’ processing as described above. Please be aware that some processing of your personal data may not require your consent, but you have a right to object to such processing. By using our website, you acknowledge this notice of our cookie practices. By accepting and continuing to browse this site, you agree to this use. For more information about the cookies we use, please visit our Privacy Policy
.Your preferences will apply to this website only.
anonymous
Hotkeys