Upgrade commons-io from 2.11.0 to 2.18.0 fixing CVE-2024-47554

Description

https://lists.apache.org/thread/6ozr91rr9cj5lm0zyhv30bsp317hk5z1

Uncontrolled Resource Consumption vulnerability in Apache Commons IO.

The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.

This issue affects Apache Commons IO: from 2.0 before 2.14.0.

Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.
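
To check a build for the affected range stated above (2.0 up to, but not including, 2.14.0), the following added example scans `mvn dependency:tree` output for commons-io entries. It is not code from this ticket or from Apache Commons IO; the sample tree, the function names and the choice to ignore version qualifiers such as -SNAPSHOT are assumptions.

```python
import re

# Affected range stated in the advisory: 2.0 <= version < 2.14.0
AFFECTED_FROM = (2, 0, 0)
FIXED_IN = (2, 14, 0)
ARTIFACT = "commons-io:commons-io:"

# Constructed sample of `mvn dependency:tree` output (not from the ticket).
SAMPLE_TREE = r"""
[INFO] com.example:demo:jar:1.0.0
[INFO] +- commons-io:commons-io:jar:2.11.0:compile
[INFO] +- org.example:lib-a:jar:3.1:compile
[INFO] |  \- commons-io:commons-io:jar:2.18.0:compile
[INFO] \- org.example:lib-b:jar:1.4:test
[INFO]    \- commons-io:commons-io:jar:tests:2.6:test
"""


def parse_version(text):
    """Return the leading numeric part of a version as a 3-tuple.

    Assumption: qualifiers such as -SNAPSHOT or -RC1 are ignored.
    """
    m = re.match(r"\d+(?:\.\d+)*", text)
    if not m:
        return None
    nums = [int(p) for p in m.group(0).split(".")]
    return tuple((nums + [0, 0, 0])[:3])


def is_affected(version):
    """True when the version falls inside the advisory's affected range."""
    v = parse_version(version)
    return v is not None and AFFECTED_FROM <= v < FIXED_IN


def find_affected(tree_text):
    """Return (version, scope) for each affected commons-io entry."""
    hits = []
    for line in tree_text.splitlines():
        for token in line.split():
            if not token.startswith(ARTIFACT):
                continue
            # Coordinate layout: groupId:artifactId:type[:classifier]:version:scope
            parts = token.split(":")
            if len(parts) >= 5 and is_affected(parts[-2]):
                hits.append((parts[-2], parts[-1]))
    return hits


if __name__ == "__main__":
    for version, scope in find_affected(SAMPLE_TREE):
        print(f"commons-io {version} ({scope}) is affected; upgrade to 2.14.0 or later")
```

Transitive entries matter here: the 2.6 hit in the sample arrives through another library's test classifier, not through a direct declaration.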

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Development Team

Core: Platform

RCA Group

TBD

Created March 9, 2025 at 12:44 PM
Updated March 9, 2025 at 4:51 PM