Skip to content
This repository has been archived by the owner on Jan 31, 2025. It is now read-only.

Vulnerabilities in accessors-smart used by Hadoop in Jet #3064

Open
olukas opened this issue Sep 7, 2021 · 0 comments
Open

Vulnerabilities in accessors-smart used by Hadoop in Jet #3064

olukas opened this issue Sep 7, 2021 · 0 comments
Labels
security Pull requests that address a security vulnerability severity:high Vulnerability scan classification for High Severity issues

Comments

@olukas
Copy link
Collaborator

olukas commented Sep 7, 2021

Jet uses org.apache.hadoop:hadoop-client which uses net.minidev:accessors-smart in version 1.3 which includes following vulnerability:
@olukas olukas added security Pull requests that address a security vulnerability severity:high Vulnerability scan classification for High Severity issues labels Sep 7, 2021
@olukas olukas added this to the 4.5.1 milestone Sep 7, 2021
gurbuzali pushed a commit that referenced this issue Sep 7, 2021
Update net.minidev:json-smart to 2.4.7
946906f 
fixes #3064

Update Elasticsearch6 to 6.8.17
fixes #3065

Update commons-io:commons-io to 2.7
fixes #3066

Update Jetty to 9.4.43
fixes #3067
@degerhz degerhz modified the milestones: 4.5.1, 4.5.2 Sep 14, 2021
@frant-hartm frant-hartm modified the milestones: 4.5.2, 4.5.3 Dec 15, 2021
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
security Pull requests that address a security vulnerability severity:high Vulnerability scan classification for High Severity issues
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@olukas @frant-hartm @degerhz