You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cassandra.apache.org by "Stefan Miklosovic (Jira)" <ji...@apache.org> on 2022/11/30 11:52:00 UTC
[jira] [Commented] (CASSANDRA-18081) CVE's in Cassandra 4.0.7
[ https://issues.apache.org/jira/browse/CASSANDRA-18081?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17641252#comment-17641252 ]
Stefan Miklosovic commented on CASSANDRA-18081:
-----------------------------------------------
I think none of them apply to us. Maybe [~brandon.williams] could double check here?
[https://nvd.nist.gov/vuln/detail/CVE-2022-42003]
[https://nvd.nist.gov/vuln/detail/CVE-2022-42004]
[https://nvd.nist.gov/vuln/detail/CVE-2022-25857]
[https://nvd.nist.gov/vuln/detail/CVE-2020-11612]
> CVE's in Cassandra 4.0.7
> ------------------------
>
> Key: CASSANDRA-18081
> URL: https://issues.apache.org/jira/browse/CASSANDRA-18081
> Project: Cassandra
> Issue Type: Bug
> Reporter: Gaurav Gupta
> Priority: Normal
>
> Below CVE's are available in Latest Cassandra version.
> CVE-2022-42004,CVE-2022-25857,CVE-2020-11612,CVE-2022-42003
> Above CVE's are part of component maven:org.yaml:snakeyaml, maven:io.netty:netty-all, maven:com.fasterxml.jackson.core:jackson-databind
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org