A critical vulnerability within the Apache Commons Text CVE-2022-42889 was published in the National Vulnerability Database on 13 October, 2022
How it impacts with Clarity, Jaspersoft, and ODATA (Clarity SaaS)?
All Supported Clarity, Jaspersoft & ODATA (SaaS Only)
The vulnerability is caused with the use of Apache Commons Text 1.5 through 1.9
Clarity & HDP(ODATA) is not vulnerable
Jaspersoft is vulnerable
On Premise Customers can remediate using the below information