VYPR

Commons Text

by Apache

Source repositories

CVEs (2)

  • CVE-2022-42889CriOct 13, 2022
    risk 0.68cvss 9.8epss 1.00

    Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "${prefix:name}", where "prefix" is used to locate an instance of org.apache.commons.text.lookup.StringLookup that performs…

  • CVE-2025-46295Dec 16, 2025
    risk 0.00cvss epss 0.01

    Apache Commons Text versions prior to 1.10.0 included interpolation features that could be abused when applications passed untrusted input into the text-substitution API. Because some interpolators could trigger actions like executing commands or accessing external resources, an…