jmeter icon indicating copy to clipboard operation
jmeter copied to clipboard
verified publisher icon apache

Upgrade xstream to 1.4.21 for CVE-2024-47072

Open CraigAtInstrumental opened this issue 1 year ago • 1 comments

Expected behavior

There is a high vulnerability in xstream link. It is fixed in 1.4.21.

Actual behavior

N/A

Steps to reproduce the problem

N/A

JMeter Version

5.6.3

Java Version

openjdk version "17.0.13" 2024-10-15

OS Version

Linux station-dev-2 6.8.0-50-generic #51~22.04.1-Ubuntu SMP PREEMPT_DYNAMIC Thu Nov 21 12:03:03 UTC 2 x86_64 x86_64 x86_64 GNU/Linux

CraigAtInstrumental avatar Jan 01 '25 00:01 CraigAtInstrumental

Added PR:here

CraigAtInstrumental avatar Jan 01 '25 00:01 CraigAtInstrumental

Fixed in https://github.com/apache/jmeter/pull/6431

vlsi avatar Oct 29 '25 09:10 vlsi