Skip to content

deps: update dependency commons-io:commons-io to v2.14.0 [security] #316

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
renovate-bot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

deps: update dependency commons-io:commons-io to v2.14.0 [security] #316

renovate-bot wants to merge 1 commit into from

Conversation

@renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Oct 3, 2024
edited
Loading

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
commons-io:commons-io (source) 2.11.02.14.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-47554

Uncontrolled Resource Consumption vulnerability in Apache Commons IO.

The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.

This issue affects Apache Commons IO: from 2.0 before 2.14.0.

Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate-bot renovate-bot requested a review from a team as a code owner October 3, 2024 17:03
@product-auto-label product-auto-label bot added the size: xs Pull request size is extra small. label Oct 3, 2024
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 3, 2024
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 3, 2024
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from b07fd44 to 1aca1d1 Compare May 28, 2025 15:09
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 1aca1d1 to 63c9ad7 Compare May 28, 2025 20:28
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 63c9ad7 to df50fb8 Compare May 29, 2025 01:09
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from df50fb8 to 3432e7e Compare May 29, 2025 04:33
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 3432e7e to e821dc6 Compare May 29, 2025 09:37
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from e821dc6 to e9ddb43 Compare May 29, 2025 15:35
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from e9ddb43 to 26933cc Compare May 29, 2025 19:41
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 26933cc to 37ecde6 Compare May 29, 2025 23:28
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 37ecde6 to 96772f4 Compare May 30, 2025 00:59
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 30, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 7, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from e1ce83a to f8af200 Compare October 7, 2025 10:36
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 7, 2025
@yoshi-kokoro yoshi-kokoro removed kokoro:force-run Add this label to force Kokoro to re-run the tests. labels Oct 7, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from f8af200 to 55492e3 Compare October 7, 2025 14:30
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 7, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 7, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 55492e3 to 1faa9c8 Compare October 8, 2025 00:46
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 1faa9c8 to 2f13941 Compare October 8, 2025 08:29
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 2f13941 to bdbdc2b Compare October 8, 2025 15:29
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from bdbdc2b to 7c914ee Compare October 8, 2025 19:05
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 7c914ee to f62e186 Compare October 8, 2025 21:41
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 8, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from f62e186 to 6d741e3 Compare October 9, 2025 02:12
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 9, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 9, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 6d741e3 to 4749261 Compare October 9, 2025 06:29
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 9, 2025
@yoshi-kokoro yoshi-kokoro removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 9, 2025
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

size: xs Pull request size is extra small.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@renovate-bot @yoshi-kokoro