This is an automated email from the ASF dual-hosted git repository.
colegreer pushed a commit to branch 3.7-dev
in repository https://gitbox.apache.org/repos/asf/tinkerpop.git
The following commit(s) were added to refs/heads/3.7-dev by this push:
new f4516e4370 CTR Bump commons-beanutils to 1.11.0 (CVE-2025-48734)
f4516e4370 is described below
commit f4516e4370d66fa6890c9fedb520c1419815bd33
Author: Cole Greer <[email protected]>
AuthorDate: Wed Apr 15 14:42:54 2026 -0700
CTR Bump commons-beanutils to 1.11.0 (CVE-2025-48734)
---
pom.xml | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/pom.xml b/pom.xml
index ea6d8b808e..64fb4c4f14 100644
--- a/pom.xml
+++ b/pom.xml
@@ -778,7 +778,13 @@ limitations under the License.
<dependency>
<groupId>commons-beanutils</groupId>
<artifactId>commons-beanutils</artifactId>
- <version>1.9.4</version>
+ <version>1.11.0</version>
+ <exclusions>
+ <exclusion>
+ <groupId>commons-logging</groupId>
+ <artifactId>commons-logging</artifactId>
+ </exclusion>
+ </exclusions>
</dependency>
<dependency>
<groupId>commons-collections</groupId>