CVE-2022-42889: Apache Commons Text Vulnerability


I’ve been looking around your announcements / blogs and couldn’t find a related message, so apologies if I’ve missed it. Can you provide any info on if you are using the vulnerable Apache Commons Text Vulnerability library?
If so are there any mitigations we need to take?

Thanks in advance
Best Regards


Hey there @katrien.vandenberghe welcome to the community!

Once alerted to CVE-2022-42889, the Apache Commons Text Vulnerability, Okta Engineering and Security conducted an investigation and confirmed that the Okta service is not currently impacted. This includes the Auth0 service.

Hope this helps to clear up any concern :smile:

Thanks for your reply!

1 Like

No problem, happy to help! :slight_smile:

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.