About CVE-2022-42889 - Apache commons text

Owned by Elias Brattli Sørensen
Last updated: Oct 18, 2022
1 min read

Apache commons-text has a vulnerability similar to Log4shell. Kantega SSO Enterprise has a dependency to apache commons-text 1.9 which has been patched to 1.10.0 in version 6.0.1: Kantega SSO Enterprise 6.0.x release notes | Changes in 6.0.1 and backported to version 5: Kantega SSO Enterprise 5.11.x release notes | Changes in 5.11.2.