commons-collections-3.2.1.jar

Answered

I am running TeamCity 9.1.6. Our internal security scan flagged commons-collections-3.2.1.jar as security risk (something to do with a deserialization vulerability) and are asking me to update the file to commons-collections-3.2.2.jar.

I have a limited knowledge of Java - can I just replace the file? 

Or do you have a patch?

Thanks

Jay Turpin

Intel Corporation

1 comment

Hello Jay,

We consider TeamCity to be not affected by this vulnerability. Please watch the comments to the issue https://youtrack.jetbrains.com/issue/TW-43096 for more details.

0

Please sign in to leave a comment.