You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@flink.apache.org by "mixedfruit (Jira)" <ji...@apache.org> on 2021/08/27 10:16:00 UTC
[jira] [Created] (FLINK-24025) The components on which Flink
depends may contain vulnerabilities. If yes, fix them.
mixedfruit created FLINK-24025:
----------------------------------
Summary: The components on which Flink depends may contain vulnerabilities. If yes, fix them.
Key: FLINK-24025
URL: https://issues.apache.org/jira/browse/FLINK-24025
Project: Flink
Issue Type: Improvement
Components: Build System
Affects Versions: 1.11.3
Reporter: mixedfruit
In Flink v1.11.3 contains netty(version:3.10.6) commons-compress(version:1.20) slf4j(version:1.7.15) cxf-rt-rs-json-basic(version:3.4.0) and bzip2(version:1.0.6). There are many vulnerabilities, like CVE-2020-13954,CVE-2021-22696,CVE-2021-30468,CVE-2018-8088, CVE-2021-21409,CVE-2021-35517 etc. please confirm these version and fix. thx
--
This message was sent by Atlassian Jira
(v8.3.4#803005)