Skip to content

fix(deps): update dependency commons-io:commons-io to v2.14.0 [security]#1246

Open
renovate-bot wants to merge 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/maven-commons-io-commons-io-vulnerability
Open

fix(deps): update dependency commons-io:commons-io to v2.14.0 [security]#1246
renovate-bot wants to merge 1 commit intoGoogleCloudPlatform:mainfrom
renovate-bot:renovate/maven-commons-io-commons-io-vulnerability

Conversation

@renovate-bot
Copy link
Contributor

@renovate-bot renovate-bot commented Oct 3, 2024

This PR contains the following updates:

Package Change Age Adoption Passing Confidence
commons-io:commons-io (source) 2.13.0 -> 2.14.0 age adoption passing confidence

GitHub Vulnerability Alerts

CVE-2024-47554

Uncontrolled Resource Consumption vulnerability in Apache Commons IO.

The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input.

This issue affects Apache Commons IO: from 2.0 before 2.14.0.

Users are recommended to upgrade to version 2.14.0 or later, which fixes the issue.

Configuration

📅 Schedule: Branch creation - "" (UTC), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

Rebasing: Never, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

  • If you want to rebase/retry this PR, check this box

This PR was generated by Mend Renovate. View the repository job log.

@renovate-bot renovate-bot requested a review from a team as a code owner October 3, 2024 17:20
@forking-renovate forking-renovate bot added the automerge Merge the pull request once unit tests and other checks pass. label Oct 3, 2024
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 3, 2024
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Oct 3, 2024
@gcf-merge-on-green gcf-merge-on-green bot removed the automerge Merge the pull request once unit tests and other checks pass. label Oct 4, 2024
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from d730349 to 2c0f040 Compare May 28, 2025 17:50
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 28, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 2c0f040 to 8fbcdba Compare May 29, 2025 03:24
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 8fbcdba to 19e6670 Compare May 29, 2025 12:57
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 29, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 19e6670 to 20bfa0a Compare May 30, 2025 00:38
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 30, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 30, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 20bfa0a to cf52654 Compare May 30, 2025 13:01
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 30, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 30, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from cf52654 to 02fe365 Compare May 31, 2025 03:06
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 02fe365 to 6dd02e4 Compare May 31, 2025 10:40
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 6dd02e4 to 515ba92 Compare May 31, 2025 18:49
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label May 31, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 2, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 250e329 to 3f9a9ca Compare June 2, 2025 12:09
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 2, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 2, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 3f9a9ca to 4c48246 Compare June 2, 2025 23:14
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 2, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 2, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 4c48246 to 978af67 Compare June 3, 2025 07:41
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 3, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 3, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 978af67 to 8501b1d Compare June 3, 2025 19:31
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 3, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 3, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 8501b1d to 2ff0499 Compare June 4, 2025 03:30
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 4, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 4, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 2ff0499 to b17179f Compare June 4, 2025 17:24
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 4, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 4, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from b17179f to 6a7b8a2 Compare June 5, 2025 02:44
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 5, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 5, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 6a7b8a2 to 37a9a9d Compare June 5, 2025 12:47
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 5, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 5, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from 37a9a9d to b759129 Compare June 7, 2025 04:39
@trusted-contributions-gcf trusted-contributions-gcf bot added the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 7, 2025
@kokoro-team kokoro-team removed the kokoro:force-run Add this label to force Kokoro to re-run the tests. label Jun 7, 2025
@renovate-bot renovate-bot force-pushed the renovate/maven-commons-io-commons-io-vulnerability branch from b759129 to af9b500 Compare June 7, 2025 15:55
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@grayside grayside

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@renovate-bot @grayside @kokoro-team