[ https://issues.apache.org/jira/browse/WAGON-625?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17863934#comment-17863934 ]
ASF GitHub Bot commented on WAGON-625: -------------------------------------- slachiewicz merged PR #106: URL: https://github.com/apache/maven-wagon/pull/106 > Upgrade To commons-io 2.14.0 > ---------------------------- > > Key: WAGON-625 > URL: https://issues.apache.org/jira/browse/WAGON-625 > Project: Maven Wagon > Issue Type: Dependency upgrade > Affects Versions: 3.5.1 > Reporter: Ryan Baxter > Priority: Major > Fix For: 4.0.0-M1 > > Attachments: screenshot-1.png > > > commons-io 2.6 is effected by CVE-2021-29425 which is addressed in 2.7 > https://nvd.nist.gov/vuln/detail/CVE-2021-29425 -- This message was sent by Atlassian Jira (v8.20.10#820010)