colin-si opened a new issue, #4930: URL: https://github.com/apache/servicecomb-java-chassis/issues/4930
### Steps to reproduce (if applicable) Apache commons configuration爆出漏洞CVE-2025-46392,请问2.X什么时候可以升级依赖版本来解决 https://nvd.nist.gov/vuln/detail/CVE-2025-46392 ### What have you tried so far? 尝试根据漏洞提示,主动控制Apache commons configuration版本,但是报出了大量的不兼容。需要社区正向适配切换configuration新版本来解决该漏洞。 ### Additional context _No response_ -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
