CVE-2022-42889 was published in the National Vulnerability Database on 13 October, 2022.  More information can be found at https://nvd.nist.gov/vuln/detail/CVE-2022-42889

The vulnerability is caused with the use of Apache Commons Text 1.5 through 1.9.  Is ASM (Application Synthetic Monitor) affected by this?

2022 10-26: A fix will be made available on 10-31.

2022-10-19: Broadcom Support and Engineering is looking into this on priority.  Please check back in this article regularly for updates.