Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Done
Priority: Major
Fix Version/s: 36.0.1.Final, 37.0.0.Beta1, 37.0.0.Final
Affects Version/s: None
Component/s: Web Services
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly/pull/18911, https://github.com/wildfly/wildfly/pull/18912
[QE] How to address?:
---
[QE] Why QE missed?:
---

Community users are experiencing Velocity Engine 2.3 being incorrectly flagged as vulnerable to CVE-2024-47554 as a couple of classes from commons-io are shaded in.

If we can update to 2.4.1 this version also no longer shades in commons-io classes.

Assignee:: Darran Lofthouse

Reporter:: Darran Lofthouse

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2025/04/29 12:58 PM

Updated:: 2025/08/04 1:29 AM

Resolved:: 2025/05/07 7:40 AM

Details

Description

Attachments

Easy Agile Planning Poker

Activity

People

Dates

Hide