seata
Chainguard
Status
Impact
Remediation requires a major version upgrade to commons-configuration 2.x. Upstream maintainers must implement required functional changes due to what is stated in NVD: "Apache Commons Configuration 2.x is not a drop-in replacement" https://nvd.nist.gov/vuln/detail/CVE-2025-46392
Status