Does CVE-2022-42889 affect ConnectALL?
search cancel

Does CVE-2022-42889 affect ConnectALL?

book

Article ID: 375796

calendar_today

Updated On:

Products

ConnectAll On-Prem ConnectALL

Issue/Introduction

Apache Common Text CVE-2022-42889. The affected Apache Commons Text versions 1.5 through 1.9 and it has been patched in version 1.10.

Environment

3.4.0

Resolution

ConnectALL has already remediated this vulnerability by bundling commons-text-1.11.0.jar with the latest release.
You can check which version of commons-text.jar you have in below location and plan to upgrade to 3.4.0 and above to remediate the same.

..\UI\tomcat\tomcat\webapps\ConnectAll\WEB-INF\lib\

NB : It is not recommended to upgrade the commons-text.jar to any higher version manually.

Powered by Wolken Software