You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Brandon Williams (Jira)" <ji...@apache.org> on 2021/11/24 13:20:00 UTC
[jira] [Updated] (CASSANDRA-17170) Found Third Party Software vulnerabilities/security issue in 3.11.11
[ https://issues.apache.org/jira/browse/CASSANDRA-17170?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brandon Williams updated CASSANDRA-17170:
-----------------------------------------
Resolution: Duplicate
Status: Resolved (was: Triage Needed)
> Found Third Party Software vulnerabilities/security issue in 3.11.11
> ---------------------------------------------------------------------
>
> Key: CASSANDRA-17170
> URL: https://issues.apache.org/jira/browse/CASSANDRA-17170
> Project: Cassandra
> Issue Type: Bug
> Reporter: Amol Nawale
> Priority: Normal
>
> we have found below vulnerabilities in Cassandra 3.11.11.zip during security scan.
> Could you please help us to resolve those?
> | [sonatype-2021-1175] [logback-core] [1.1.3]|
> | [CVE-2021-37137] [netty-all] [4.0.44.Final]|
> | [sonatype-2021-1425] [thrift] [0.9.3]|
> | [sonatype-2020-1031] [netty-all] [4.0.44.Final]|
> | [CVE-2020-13949] [libthrift] [0.9.2]|
> | [sonatype-2020-0029] [netty-all] [4.0.44.Final]|
> | [CVE-2020-7238] [netty-all] [4.0.44.Final]|
> | [CVE-2019-20444] [netty-all] [4.0.44.Final]|
> | [CVE-2019-20445] [netty-all] [4.0.44.Final]|
> | [CVE-2017-18640] [snakeyaml] [1.11]|
> | [CVE-2019-16869] [netty-all] [4.0.44.Final]|
> | [CVE-2019-0205] [thrift] [0.9.3]|
> | [CVE-2018-1320] [libthrift] [0.9.2]|
> | [CVE-2017-5929] [logback-classic] [1.1.3]|
>
>
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org