Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-19822

Suppress CVE-2024-47554 against velocity-engine-core

XMLWordPrintable

    • Icon: Task Task
    • Resolution: Done
    • Icon: Major Major
    • 34.0.0.Final
    • None
    • None
    • None

      Although velocity-engine does shade in some classes from commons-io it is only a small subset and does not include the affected class:

      rg/apache/velocity/shaded/
org/apache/velocity/shaded/commons/
org/apache/velocity/shaded/commons/io/
org/apache/velocity/shaded/commons/io/FilenameUtils.class
org/apache/velocity/shaded/commons/io/IOCase.class
META-INF/maven/commons-io/
META-INF/maven/commons-io/commons-io/
META-INF/maven/commons-io/commons-io/pom.xml
META-INF/maven/commons-io/commons-io/pom.properties

              darran.lofthouse@redhat.com Darran Lofthouse
              darran.lofthouse@redhat.com Darran Lofthouse
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

                Created:
                Updated:
                Resolved: