Apache Commons Text v1.9 CVE-2022-42889

According to CVE-2022-42889 Apache Commons Text version 1.5 through 1.9 have insecure interpolation defaults. I have found org.apache.commons.commons-text_1.9.0.jar in my installation folder of KNIME 4.6.3.
Is KNIME affected by this vulnerability?

Best regards,

1 Like

No, it’s not. We are not using the broken class from that library.


This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.