You are viewing a plain text version of this content. The canonical link for it is here.

Posted to common-dev@hadoop.apache.org by "Rohit Kumar Badeau (Jira)" <ji...@apache.org> on 2023/03/07 09:25:00 UTC

[jira] [Created] (HADOOP-18655) Upgrade Kerby to 2.0.3 due to CVE-2023-25613

Rohit Kumar Badeau created HADOOP-18655:
-------------------------------------------

             Summary: Upgrade Kerby to 2.0.3 due to CVE-2023-25613
                 Key: HADOOP-18655
                 URL: https://issues.apache.org/jira/browse/HADOOP-18655
             Project: Hadoop Common
          Issue Type: Task
            Reporter: Rohit Kumar Badeau


An LDAP Injection vulnerability exists in the LdapIdentityBackend of Apache Kerby before 2.0.3.

CVSSv3 Score:- 9.8(Critical)

[https://nvd.nist.gov/vuln/detail/CVE-2023-25613]



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscribe@hadoop.apache.org
For additional commands, e-mail: common-dev-help@hadoop.apache.org