You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@kylin.apache.org by "longfeiJiang (Jira)" <ji...@apache.org> on 2023/02/02 10:49:00 UTC
[jira] [Created] (KYLIN-5408) Fix new critical-risk vulnerability CVE-2022-37866 / SNYK-JAVA-ORGAPACHEIVY-3106014
longfeiJiang created KYLIN-5408:
-----------------------------------
Summary: Fix new critical-risk vulnerability CVE-2022-37866 / SNYK-JAVA-ORGAPACHEIVY-3106014
Key: KYLIN-5408
URL: https://issues.apache.org/jira/browse/KYLIN-5408
Project: Kylin
Issue Type: Bug
Affects Versions: 5.0-alpha
Reporter: longfeiJiang
Fix For: 5.0-alpha
[!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy | CVE-2022-37866 | Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106929]
[!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy | CVE-2022-37865 | Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106014]
h2. How to fix?
Upgrade {{org.apache.ivy:ivy}} to version 2.5.1 or higher.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)