News

Apache Commons Text is a popular open-source Java library with an "interpolation system" that allows developers to modify, decode, generate, and escape strings based on inputted string lookups.
JMeter 5.5, JMeter maven plugin 3.7.0. JMeter 5.5 version comes with commons-text-1.9.jar library which has been identified as a vulnerable library[1]. This issue seems to have already been reported on JMeter and ... How ...
Apache Commons Text versions 1.5 through 1.9 are vulnerable to the CVE-2022-42889, and the flaw has been addressed in Commons Text version 1.10.0.
How to check if you are vulnerable to the Text4Shell vulnerability. To be vulnerable, you must: Use Apache Commons Text version 1.5-1.9 inclusive; Have code using the StringSubstitutor class with ...
The flaw is tracked as CVE-2022-42889 and affects Apache Commons Text versions released before 1.10.0, allowing remote code execution when applied to untrusted input due to insecure interpolation ...
The Apache Software Foundation (ASF) released an updated version of the software (Apache Commons Text 1.10.0) on September 24 but issued an advisory on the flaw only last Thursday.
This vulnerability allows remote code execution (RCE) in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the problem by default. Apache ...
As per the advisory, this vulnerability exists in Apache Commons Text version 1.5 through 1.9. This vulnerability, CVE-2022-42889, is popularly referred to as “Text4Shell” or “Act4Shell”. What is the ...
Version 1.10.0 of Apache Commons Text disables these problematic formats by default, ...