Closed SunBK201 closed 1 day ago
@SunBK201 I have a question about this PR. I noticed that CVE-2019-10086 and CVE-2014-0114 appear to be related. According to https://github.com/advisories/GHSA-p66x-2cv9-qq3v, commons-beanutils:commons-beanutils
became vulnerable in version 1.8.0
. Did you mean to add 1.8.0
as the initial vulnerable version?
Updates
Comments According to Patch, this vulnerability was introduced from 1.9.0.