René's URL Explorer Experiment


Title: Fixes #894. Remove outdated commons-lang and commons-configuration dependencies with problematic CVEs. by sabbott1877 · Pull Request #895 · ESAPI/esapi-java-legacy · GitHub

Open Graph Title: Fixes #894. Remove outdated commons-lang and commons-configuration dependencies with problematic CVEs. by sabbott1877 · Pull Request #895 · ESAPI/esapi-java-legacy

X Title: Fixes #894. Remove outdated commons-lang and commons-configuration dependencies with problematic CVEs. by sabbott1877 · Pull Request #895 · ESAPI/esapi-java-legacy

Description: I updated the dependency-check-maven plugin version locally to 12.1.1 and ran with a later JDK to confirm no other CVEs were detected.

Open Graph Description: I updated the dependency-check-maven plugin version locally to 12.1.1 and ran with a later JDK to confirm no other CVEs were detected.

X Description: I updated the dependency-check-maven plugin version locally to 12.1.1 and ran with a later JDK to confirm no other CVEs were detected.

Opengraph URL: https://github.com/ESAPI/esapi-java-legacy/pull/895

X: @github

direct link

Domain: patch-diff.githubusercontent.com

route-pattern/_view_fragments/voltron/pull_requests/show/:user_id/:repository/:id/pull_request_layout(.:format)
route-controllervoltron_pull_requests_fragments
route-actionpull_request_layout
fetch-noncev2:619d5e1f-fc25-70fa-e646-c9ac099050ce
current-catalog-service-hashae870bc5e265a340912cde392f23dad3671a0a881730ffdadd82f2f57d81641b
request-idD87C:39BB24:14253DA:1A95856:69718C8A
html-safe-nonce4396a8dc8387ac580295deebe15f5cc95dd6a89a3e7dbd47939247cd0a5009ac
visitor-payloadeyJyZWZlcnJlciI6IiIsInJlcXVlc3RfaWQiOiJEODdDOjM5QkIyNDoxNDI1M0RBOjFBOTU4NTY6Njk3MThDOEEiLCJ2aXNpdG9yX2lkIjoiMzM2NDAzNzM2MTM1MDQ0MjM0IiwicmVnaW9uX2VkZ2UiOiJpYWQiLCJyZWdpb25fcmVuZGVyIjoiaWFkIn0=
visitor-hmac3f080213cf67a424d7f47f826407573814ce275dcd22ac35f1dc54bce3e77056
hovercard-subject-tagpull_request:2671422818
github-keyboard-shortcutsrepository,pull-request-list,pull-request-conversation,pull-request-files-changed,copilot
google-site-verificationApib7-x98H0j5cPqHWwSMm6dNU4GmODRoqxLiDzdx9I
octolytics-urlhttps://collector.github.com/github/collect
analytics-location///voltron/pull_requests_fragments/pull_request_layout
fb:app_id1401488693436528
apple-itunes-appapp-id=1477376905, app-argument=https://github.com/_view_fragments/voltron/pull_requests/show/ESAPI/esapi-java-legacy/895/pull_request_layout
twitter:imagehttps://opengraph.githubassets.com/142c990320e071c82f41813239d14eb22bd54b03a302f43719fee469a5fc70be/ESAPI/esapi-java-legacy/pull/895
twitter:cardsummary_large_image
og:imagehttps://opengraph.githubassets.com/142c990320e071c82f41813239d14eb22bd54b03a302f43719fee469a5fc70be/ESAPI/esapi-java-legacy/pull/895
og:image:altI updated the dependency-check-maven plugin version locally to 12.1.1 and ran with a later JDK to confirm no other CVEs were detected.
og:image:width1200
og:image:height600
og:site_nameGitHub
og:typeobject
og:author:usernamesabbott1877
hostnamegithub.com
expected-hostnamegithub.com
None2b0f2f00499ad3dd2c21ad030a3c403edca54df20ea256f6517c6d8c4fa3a1a4
turbo-cache-controlno-preview
go-importgithub.com/ESAPI/esapi-java-legacy git https://github.com/ESAPI/esapi-java-legacy.git
octolytics-dimension-user_id5580725
octolytics-dimension-user_loginESAPI
octolytics-dimension-repository_id23857463
octolytics-dimension-repository_nwoESAPI/esapi-java-legacy
octolytics-dimension-repository_publictrue
octolytics-dimension-repository_is_forkfalse
octolytics-dimension-repository_network_root_id23857463
octolytics-dimension-repository_network_root_nwoESAPI/esapi-java-legacy
turbo-body-classeslogged-out env-production page-responsive
disable-turbofalse
browser-stats-urlhttps://api.github.com/_private/browser/stats
browser-errors-urlhttps://api.github.com/_private/browser/errors
release67235153f3c1514ed5f7dc469f138abc377bd388
ui-targetfull
theme-color#1e2327
color-schemelight dark

Links:

Skip to contenthttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#start-of-content
https://patch-diff.githubusercontent.com/
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FESAPI%2Fesapi-java-legacy%2Fpull%2F895
GitHub CopilotWrite better code with AIhttps://github.com/features/copilot
GitHub SparkBuild and deploy intelligent appshttps://github.com/features/spark
GitHub ModelsManage and compare promptshttps://github.com/features/models
MCP RegistryNewIntegrate external toolshttps://github.com/mcp
ActionsAutomate any workflowhttps://github.com/features/actions
CodespacesInstant dev environmentshttps://github.com/features/codespaces
IssuesPlan and track workhttps://github.com/features/issues
Code ReviewManage code changeshttps://github.com/features/code-review
GitHub Advanced SecurityFind and fix vulnerabilitieshttps://github.com/security/advanced-security
Code securitySecure your code as you buildhttps://github.com/security/advanced-security/code-security
Secret protectionStop leaks before they starthttps://github.com/security/advanced-security/secret-protection
Why GitHubhttps://github.com/why-github
Documentationhttps://docs.github.com
Bloghttps://github.blog
Changeloghttps://github.blog/changelog
Marketplacehttps://github.com/marketplace
View all featureshttps://github.com/features
Enterpriseshttps://github.com/enterprise
Small and medium teamshttps://github.com/team
Startupshttps://github.com/enterprise/startups
Nonprofitshttps://github.com/solutions/industry/nonprofits
App Modernizationhttps://github.com/solutions/use-case/app-modernization
DevSecOpshttps://github.com/solutions/use-case/devsecops
DevOpshttps://github.com/solutions/use-case/devops
CI/CDhttps://github.com/solutions/use-case/ci-cd
View all use caseshttps://github.com/solutions/use-case
Healthcarehttps://github.com/solutions/industry/healthcare
Financial serviceshttps://github.com/solutions/industry/financial-services
Manufacturinghttps://github.com/solutions/industry/manufacturing
Governmenthttps://github.com/solutions/industry/government
View all industrieshttps://github.com/solutions/industry
View all solutionshttps://github.com/solutions
AIhttps://github.com/resources/articles?topic=ai
Software Developmenthttps://github.com/resources/articles?topic=software-development
DevOpshttps://github.com/resources/articles?topic=devops
Securityhttps://github.com/resources/articles?topic=security
View all topicshttps://github.com/resources/articles
Customer storieshttps://github.com/customer-stories
Events & webinarshttps://github.com/resources/events
Ebooks & reportshttps://github.com/resources/whitepapers
Business insightshttps://github.com/solutions/executive-insights
GitHub Skillshttps://skills.github.com
Documentationhttps://docs.github.com
Customer supporthttps://support.github.com
Community forumhttps://github.com/orgs/community/discussions
Trust centerhttps://github.com/trust-center
Partnershttps://github.com/partners
GitHub SponsorsFund open source developershttps://github.com/sponsors
Security Labhttps://securitylab.github.com
Maintainer Communityhttps://maintainers.github.com
Acceleratorhttps://github.com/accelerator
Archive Programhttps://archiveprogram.github.com
Topicshttps://github.com/topics
Trendinghttps://github.com/trending
Collectionshttps://github.com/collections
Enterprise platformAI-powered developer platformhttps://github.com/enterprise
GitHub Advanced SecurityEnterprise-grade security featureshttps://github.com/security/advanced-security
Copilot for BusinessEnterprise-grade AI featureshttps://github.com/features/copilot/copilot-business
Premium SupportEnterprise-grade 24/7 supporthttps://github.com/premium-support
Pricinghttps://github.com/pricing
Search syntax tipshttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
documentationhttps://docs.github.com/search-github/github-code-search/understanding-github-code-search-syntax
Sign in https://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FESAPI%2Fesapi-java-legacy%2Fpull%2F895
Sign up https://patch-diff.githubusercontent.com/signup?ref_cta=Sign+up&ref_loc=header+logged+out&ref_page=%2F%3Cuser-name%3E%2F%3Crepo-name%3E%2Fvoltron%2Fpull_requests_fragments%2Fpull_request_layout&source=header-repo&source_repo=ESAPI%2Fesapi-java-legacy
Reloadhttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Reloadhttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Reloadhttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
ESAPI https://patch-diff.githubusercontent.com/ESAPI
esapi-java-legacyhttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy
Notifications https://patch-diff.githubusercontent.com/login?return_to=%2FESAPI%2Fesapi-java-legacy
Fork 370 https://patch-diff.githubusercontent.com/login?return_to=%2FESAPI%2Fesapi-java-legacy
Star 641 https://patch-diff.githubusercontent.com/login?return_to=%2FESAPI%2Fesapi-java-legacy
Code https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy
Issues 122 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/issues
Pull requests 4 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pulls
Discussions https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/discussions
Actions https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/actions
Projects 0 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/projects
Wiki https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/wiki
Security Uh oh! There was an error while loading. Please reload this page. https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/security
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Insights https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pulse
Code https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy
Issues https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/issues
Pull requests https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pulls
Discussions https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/discussions
Actions https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/actions
Projects https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/projects
Wiki https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/wiki
Security https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/security
Insights https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pulse
Sign up for GitHub https://patch-diff.githubusercontent.com/signup?return_to=%2FESAPI%2Fesapi-java-legacy%2Fissues%2Fnew%2Fchoose
terms of servicehttps://docs.github.com/terms
privacy statementhttps://docs.github.com/privacy
Sign inhttps://patch-diff.githubusercontent.com/login?return_to=%2FESAPI%2Fesapi-java-legacy%2Fissues%2Fnew%2Fchoose
Jump to bottomhttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issue-comment-box
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
ESAPI:develophttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/tree/develop
sabbott1877:issue-894https://patch-diff.githubusercontent.com/sabbott1877/esapi-java-legacy/tree/issue-894
Fixes #894. Remove outdated commons-lang and commons-configuration dependencies with problematic CVEs. https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#top
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
ESAPI:develophttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/tree/develop
sabbott1877:issue-894https://patch-diff.githubusercontent.com/sabbott1877/esapi-java-legacy/tree/issue-894
Conversation 11 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Commits 1 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/commits
Checks 0 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/checks
Files changed https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/files
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://github.co/hiddenchars
https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/{{ revealButtonHref }}
https://patch-diff.githubusercontent.com/sabbott1877
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
Jul 16, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issue-3236746812
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/sabbott1877
Fixeshttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/commits/a38b4b8eebc8423578ce27de182036539f4948bc
ESAPI#894https://github.com/ESAPI/esapi-java-legacy/issues/894
. Remove outdated commons-lang and commons-configurati…https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/commits/a38b4b8eebc8423578ce27de182036539f4948bc
a38b4b8https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895/commits/a38b4b8eebc8423578ce27de182036539f4948bc
https://patch-diff.githubusercontent.com/sabbott1877
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
Jul 16, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3079563653
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
commenthttps://github.com/ESAPI/esapi-java-legacy/issues/872#issuecomment-2669411905
#872https://github.com/ESAPI/esapi-java-legacy/issues/872
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/sabbott1877
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
Jul 16, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3079602331
CVE-2025-48924https://www.cve.org/CVERecord?id=CVE-2025-48924
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/sabbott1877
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
Jul 16, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3079659140
#872https://github.com/ESAPI/esapi-java-legacy/issues/872
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/sabbott1877
sabbott1877https://patch-diff.githubusercontent.com/sabbott1877
Jul 16, 2025 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#ref-issue-3229165298
Upgrade to use Commons-Lang3 #894 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/issues/894
https://patch-diff.githubusercontent.com/kwwall
kwwallhttps://patch-diff.githubusercontent.com/kwwall
Jul 21, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3095150782
@sabbott1877https://github.com/sabbott1877
#894 (comment)https://github.com/ESAPI/esapi-java-legacy/issues/894#issuecomment-3095137858
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/in-fke
in-fkehttps://patch-diff.githubusercontent.com/in-fke
Jul 21, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3095832380
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/kwwall
kwwallhttps://patch-diff.githubusercontent.com/kwwall
Jul 21, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3096897663
@in-fkehttps://github.com/in-fke
#894 (comment)https://github.com/ESAPI/esapi-java-legacy/issues/894#issuecomment-3095137858
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/in-fke
in-fkehttps://patch-diff.githubusercontent.com/in-fke
Jul 21, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3097331766
@in-fkehttps://github.com/in-fke
#894 (comment)https://github.com/ESAPI/esapi-java-legacy/issues/894#issuecomment-3095137858
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/xeno6696
xeno6696https://patch-diff.githubusercontent.com/xeno6696
Jul 22, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3103613756
@in-fkehttps://github.com/in-fke
#894 (comment)https://github.com/ESAPI/esapi-java-legacy/issues/894#issuecomment-3095137858
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/kwwall
kwwallhttps://patch-diff.githubusercontent.com/kwwall
Jul 22, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3103895319
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/jeremiahjstacey
jeremiahjstaceyhttps://patch-diff.githubusercontent.com/jeremiahjstacey
Aug 1, 2025 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#ref-issue-3283148082
commons-lang and commons-configuration dependencies with CVEs #896 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/issues/896
https://patch-diff.githubusercontent.com/duttonw
duttonwhttps://patch-diff.githubusercontent.com/duttonw
Oct 9, 2025 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#ref-pullrequest-3497530520
Patch CVE-2025-48924 : commons-lang:2.6 to commons-lang3:3.19.0 #898 https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/898
https://patch-diff.githubusercontent.com/duttonw
duttonwhttps://patch-diff.githubusercontent.com/duttonw
Oct 9, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3384021356
CVE-2025-48924https://github.com/advisories/GHSA-j288-q9x7-2f5v
GHSA-j288-q9x7-2f5vhttps://github.com/advisories/GHSA-j288-q9x7-2f5v
https://ossindex.sonatype.org/vulnerability/CVE-2025-48924https://ossindex.sonatype.org/vulnerability/CVE-2025-48924
[CVE-2025-48924] CWE-674: Uncontrolled Recursionhttps://ossindex.sonatype.org/vulnerability/CVE-2025-48924?component-type=maven&component-name=commons-lang%2Fcommons-lang&utm_source=dependency-check&utm_medium=integration&utm_content=12.1.3
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-48924http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2025-48924
GHSA-j288-q9x7-2f5vhttps://github.com/advisories/GHSA-j288-q9x7-2f5v
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/xeno6696
xeno6696https://patch-diff.githubusercontent.com/xeno6696
Oct 15, 2025https://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895#issuecomment-3408608522
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
CVE-2025-48924https://github.com/advisories/GHSA-j288-q9x7-2f5v
@jeremiahjstaceyhttps://github.com/jeremiahjstacey
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
Sign up for freehttps://patch-diff.githubusercontent.com/join?source=comment-repo
Sign in to commenthttps://patch-diff.githubusercontent.com/login?return_to=https%3A%2F%2Fgithub.com%2FESAPI%2Fesapi-java-legacy%2Fpull%2F895
Please reload this pagehttps://patch-diff.githubusercontent.com/ESAPI/esapi-java-legacy/pull/895
https://patch-diff.githubusercontent.com/sabbott1877
https://patch-diff.githubusercontent.com/kwwall
https://patch-diff.githubusercontent.com/in-fke
https://patch-diff.githubusercontent.com/xeno6696
https://patch-diff.githubusercontent.com/duttonw
https://github.com
Termshttps://docs.github.com/site-policy/github-terms/github-terms-of-service
Privacyhttps://docs.github.com/site-policy/privacy-policies/github-privacy-statement
Securityhttps://github.com/security
Statushttps://www.githubstatus.com/
Communityhttps://github.community/
Docshttps://docs.github.com/
Contacthttps://support.github.com?tags=dotcom-footer

Viewport: width=device-width

URLs of crawlers that visited me.