You are viewing a plain text version of this content. The canonical link for it is here.

Posted to issues@kudu.apache.org by "yejiabao_h (Jira)" <ji...@apache.org> on 2022/12/08 03:07:00 UTC

[jira] [Updated] (KUDU-3428) ranger has some vulnerability in 2.1.0

     [ https://issues.apache.org/jira/browse/KUDU-3428?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

yejiabao_h updated KUDU-3428:
-----------------------------
    Summary: ranger has some vulnerability in 2.1.0  (was: ranger has some vulnerability in 1.12.0)

> ranger has some vulnerability in 2.1.0
> --------------------------------------
>
>                 Key: KUDU-3428
>                 URL: https://issues.apache.org/jira/browse/KUDU-3428
>             Project: Kudu
>          Issue Type: Bug
>          Components: ranger
>    Affects Versions: 1.12.0, 1.13.0, 1.14.0, 1.15.0, 1.16.0
>            Reporter: yejiabao_h
>            Priority: Major
>
> ranger has some vulnerability in 2.1.0：
> 1、[CVE-2022-22965|https://nvd.nist.gov/vuln/detail/cve-2022-22965] ([RANGER-3691|https://issues.apache.org/jira/browse/RANGER-3691?jql=project%20%3D%20RANGER%20AND%20text%20~%20%22CVE-2022-22965%22%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC])
> 2、[CVE-2021-44228|https://nvd.nist.gov/vuln/detail/CVE-2021-44228] ([RANGER-3785|https://issues.apache.org/jira/browse/RANGER-3785?jql=project%20%3D%20RANGER%20AND%20text%20~%20%22CVE-2021-44228%22%20ORDER%20BY%20priority%20DESC%2C%20updated%20DESC])
> and is repaired in 2.3.0， so I guess we should upgrade the ranger.
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)