[ https://issues.apache.org/jira/browse/TINKERPOP-2185?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16800489#comment-16800489 ]
Alex Ott commented on TINKERPOP-2185: ------------------------------------- Another, short term alternative is to use patched version of commons-configuration provided by RedHat: https://mvnrepository.com/artifact/commons-configuration/commons-configuration/1.10.0.redhat-1 > Use commons-configuration2 instead of commns-configuration > ---------------------------------------------------------- > > Key: TINKERPOP-2185 > URL: https://issues.apache.org/jira/browse/TINKERPOP-2185 > Project: TinkerPop > Issue Type: Bug > Affects Versions: 3.3.6, 3.4.1 > Reporter: Alex Ott > Priority: Major > > Product called Whitesource reports vulnerabilities in the > commons-configuration 1.10 that is dependency of the gremlin-core module. As > result, some projects couldn't be allowed to production because of the > failing check. -- This message was sent by Atlassian JIRA (v7.6.3#76005)