Closed kittsville closed 5 years ago
Merging #497 into develop will not change coverage. The diff coverage is
n/a
.
@@ Coverage Diff @@
## develop #497 +/- ##
========================================
Coverage 92.49% 92.49%
========================================
Files 244 244
Lines 3890 3890
Branches 288 294 +6
========================================
Hits 3598 3598
Misses 292 292
Continue to review full report at Codecov.
Legend - Click here to learn more
Δ = absolute <relative> (impact)
,ø = not affected
,? = missing data
Powered by Codecov. Last update feb887e...b1cbe43. Read the comment docs.
@kittsville, thanks for opening these. With the way Twitter's monorepo works though, we need to ensure that we can upgrade the entire company at one time, which generally requires more internal work. I or another team member will be looking at these more closely sometime this week.
@kittsville merged in d5d3273729d526e610f9f3c7f8c2bce976d971dc. Thanks!
Problem
Commons FileUpload 1.3.1 has a high severity vulnerability: https://nvd.nist.gov/vuln/detail/CVE-2016-3092
Solution
Update Commons FileUpload to a version not vulnerable