You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@pulsar.apache.org by GitBox <gi...@apache.org> on 2022/06/28 09:13:38 UTC

[GitHub] [pulsar] mattisonchao commented on pull request #16260: [Branch 2.10] Fix some OWASP dependency problems.

mattisonchao commented on PR #16260:
URL: https://github.com/apache/pulsar/pull/16260#issuecomment-1168453574

   I found we still have CVE in branch-2.10.  But don't find any related fix at master.
   
   ```xml
   mariadb-java-client-2.7.5.jar
       <cve>CVE-2022-27444</cve>
       <cve>CVE-2022-27446</cve>
       <cve>CVE-2022-27449</cve>
       <cve>CVE-2022-27451</cve>
       <cve>CVE-2022-27452</cve>
       <cve>CVE-2022-27455</cve>
       <cve>CVE-2022-27457</cve>
   ```
   These CVEs are about the server and they do not impact the client.
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: commits-unsubscribe@pulsar.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org