Hi all, I recently noted that commons-fileupload:commons-fileupload:1.4 has a dependency on commons-io:commons-io:2.2, which has a CVE (CVE-2021-29425). This could be mitigated by simply updating the dependency version to 2.7 or later. Would it be possible to publish a newer version of commons-fileupload with these changes?
Thanks, Daniel Wille
