Hello all,
our EDR reports this vulnerability in the following 3 files:
- c:\program files\autopsy-4.20.0\autopsy\solr\server\solr-webapp\webapp\web-inf\lib\commons-text-1.6.jar
- c:\program files\autopsy-4.20.0\autopsy\solr\solr\lib\commons-text-1.6.jar
- c:\program files\autopsy-4.20.0\autopsy\modules\ext\commons-text-1.9.jar
Since it’s marked a critical CVE I’m curious if I could simply replace those with a newer version, 1.10.0 is available from Apache Commons or we have to wait for a new Autopsy release to address those.
Thank you in advance!