crash.software
Projects
Pull Requests
Issues
Builds
CVE-2022-42889-PoC
Code
Files
Commits
Branches
Tags
Pull Requests
Code Comments
Code Compare
Issues
Builds
Statistics
Child Projects
cra.sh
RESTful API
Projects STRLCPY CVE-2022-42889-PoC Commits d7b4b1e5
🤬
  • ■ ■ ■ ■ ■ ■
    README.md
    skipped 15 lines
    16 16  mvn clean install
    17 17  ```
    18 18   
     19 +# Am I Vulnerable?
     20 + 
     21 +In order for your code to be vulnerable you need to:
     22 +* Be running a version of Apache `commons-text` from version `1.5.0` up to (and not including) `1.10.0`
     23 +* Using Interpolation for your StringSubstituion (see [https://commons.apache.org/proper/commons-text/apidocs/org/apache/commons/text/StringSubstitutor.html](https://commons.apache.org/proper/commons-text/apidocs/org/apache/commons/text/StringSubstitutor.html))
     24 + 
    19 25  The fix for this is to update your instances of `commons-text` to versions `1.10.0` or later.
    20 26   
Please wait...
Page is in error, reload to recover