graphql-spring-boot
graphql-spring-boot copied to clipboard
CVE-2022-42889 in latest version
Describe the bug commons-text (>= 1.5 and <= 1.9) has been flagged by CVE-2022-42889. It affects graphql-spring-boot as its latest version still contains vulnerable version of commons-text (1.9).
To Reproduce https://nvd.nist.gov/vuln/detail/CVE-2022-42889
Expected behavior Upgrade commons-text to 1.10.0 or greater.