News

How to check if you are vulnerable to the Text4Shell vulnerability. To be vulnerable, you must: Use Apache Commons Text version 1.5-1.9 inclusive; Have code using the StringSubstitutor class with ...
This vulnerability allows remote code execution (RCE) in Apache Commons Text. It affects version numbers 1.5-1.9, and an upgrade to Apache Commons Text 1.10.0 disables the problem by default. Apache ...
Apache Commons Text is a popular open-source Java library with an "interpolation system" that allows developers to modify, decode, generate, and escape strings based on inputted string lookups.
As per the advisory this vulnerability exists in Apache Commons Text version 1.5 through 1.9. This vulnerability, CVE-2022-42889 is popularly referred to as “Text4Shell” or “Act4Shell”. What is the ...
Apache Commons Text versions 1.5 through 1.9 are vulnerable to the CVE-2022-42889, and the flaw has been addressed in Commons Text version 1.10.0.
Version 1.10.0 of Apache Commons Text disables these problematic formats by default, ... Check out the latest security news from the Informa TechTarget team.