You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Amol Nawale (Jira)" <ji...@apache.org> on 2021/11/24 13:12:00 UTC
[jira] [Created] (CASSANDRA-17170) Found Third Party Software vulnerabilities/security issue in 3.11.11
Amol Nawale created CASSANDRA-17170:
---------------------------------------
Summary: Found Third Party Software vulnerabilities/security issue in 3.11.11
Key: CASSANDRA-17170
URL: https://issues.apache.org/jira/browse/CASSANDRA-17170
Project: Cassandra
Issue Type: Bug
Reporter: Amol Nawale
we have found below vulnerabilities in Cassandra 3.11.11.zip during security scan.
Could you please help us to resolve those?
| [sonatype-2021-1175] [logback-core] [1.1.3]|
| [CVE-2021-37137] [netty-all] [4.0.44.Final]|
| [sonatype-2021-1425] [thrift] [0.9.3]|
| [sonatype-2020-1031] [netty-all] [4.0.44.Final]|
| [CVE-2020-13949] [libthrift] [0.9.2]|
| [sonatype-2020-0029] [netty-all] [4.0.44.Final]|
| [CVE-2020-7238] [netty-all] [4.0.44.Final]|
| [CVE-2019-20444] [netty-all] [4.0.44.Final]|
| [CVE-2019-20445] [netty-all] [4.0.44.Final]|
| [CVE-2017-18640] [snakeyaml] [1.11]|
| [CVE-2019-16869] [netty-all] [4.0.44.Final]|
| [CVE-2019-0205] [thrift] [0.9.3]|
| [CVE-2018-1320] [libthrift] [0.9.2]|
| [CVE-2017-5929] [logback-classic] [1.1.3]|
--
This message was sent by Atlassian Jira
(v8.20.1#820001)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org