You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "John F. Gbruoski (JIRA)" <ji...@apache.org> on 2018/09/18 16:12:00 UTC

[jira] [Created] (CASSANDRA-14760) CVE-2018-10237 Security vulnerability in 3.11.3

John F. Gbruoski created CASSANDRA-14760:
--------------------------------------------

             Summary: CVE-2018-10237 Security vulnerability in 3.11.3
                 Key: CASSANDRA-14760
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-14760
             Project: Cassandra
          Issue Type: Bug
            Reporter: John F. Gbruoski


As described in the CVE, Guava 11.0 through 24.x before 24.1.1 have a security exposure. Cassandra 3.11.3 uses Guava 18.0. Can Cassandra 3.11 be patched to support Guava  24.1.1 or later?



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org