CVE-2022-42889: Apache Commons Text Vulnerability

katrien.vandenberghe · November 3, 2022, 1:56pm

Hi,

I’ve been looking around your announcements / blogs and couldn’t find a related message, so apologies if I’ve missed it. Can you provide any info on if you are using the vulnerable Apache Commons Text Vulnerability library?
If so are there any mitigations we need to take?

Thanks in advance
Best Regards

Katrien

tyf · November 3, 2022, 9:27pm

Hey there @katrien.vandenberghe welcome to the community!

Once alerted to CVE-2022-42889, the Apache Commons Text Vulnerability, Okta Engineering and Security conducted an investigation and confirmed that the Okta service is not currently impacted. This includes the Auth0 service.

Hope this helps to clear up any concern

katrien.vandenberghe · November 7, 2022, 10:01am

Thanks for your reply!

tyf · November 7, 2022, 1:44pm

No problem, happy to help!

system · November 21, 2022, 1:44pm

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Is Auth0 affected by the recent Okta Oct 2023 breach Help security-question-concern , security-compliance	5	1443	December 19, 2023
MOVEit Security Vulnerability Knowledge Articles	1	852	July 21, 2023
November 2023 Community News Community News	3	896	January 8, 2024
Hack Help	3	725	July 21, 2023
February 2023 Community News Community News community , news	1	1482	May 4, 2023

CVE-2022-42889: Apache Commons Text Vulnerability

Related Topics