Re: Vulnerabilities in htrace-core4-4.1.0-incubating.jar jar used in spark.

HARSH TAKKAR Sun, 01 May 2022 22:46:49 -0700

We scanned 3 versions of spark 3.0.0, 3.1.3, 3.2.1



On Tue, 26 Apr, 2022, 18:46 Bjørn Jørgensen, <bjornjorgen...@gmail.com>
wrote:

> What version of spark is it that you have scanned?
>
>
>
> tir. 26. apr. 2022 kl. 12:48 skrev HARSH TAKKAR <takkarha...@gmail.com>:
>
>> Hello,
>>
>> Please let me know if there is a fix available for following
>> vulnerabilities in htrace jar used in spark jars folder.
>>
>> LIBRARY: com.fasterxml.jackson.core:jackson-databind
>>
>> VULNERABILITY IDs :
>>
>>
>>
>>
>>
>>   CVE-2020-9548
>>
>>
>>   CVE-2020-9547
>>
>>
>>   CVE-2020-8840
>>
>>
>>   CVE-2020-36179
>>
>>
>>   CVE-2020-35491
>>
>>
>>   CVE-2020-35490
>>
>>
>>   CVE-2020-25649
>>
>>
>>   CVE-2020-24750
>>
>>
>>   CVE-2020-24616
>>
>>
>>   CVE-2020-10673
>>
>>
>>   CVE-2019-20330
>>
>>
>>   CVE-2019-17531
>>
>>
>>   CVE-2019-17267
>>
>>
>>   CVE-2019-16943
>>
>>
>>   CVE-2019-16942
>>
>>
>>   CVE-2019-16335
>>
>>
>>   CVE-2019-14893
>>
>>
>>   CVE-2019-14892
>>
>>
>>   CVE-2019-14540
>>
>>
>>   CVE-2019-14439
>>
>>
>>   CVE-2019-14379
>>
>>
>>   CVE-2019-12086
>>
>>
>>   CVE-2018-7489
>>
>>
>>   CVE-2018-5968
>>
>>
>>   CVE-2018-14719
>>
>>
>>   CVE-2018-14718
>>
>>
>>   CVE-2018-12022
>>
>>
>>   CVE-2018-11307
>>
>>
>>   CVE-2017-7525
>>
>>
>>   CVE-2017-17485
>>
>>
>>
>>
>>   CVE-2017-15095
>>
>>
>> Kind Regards
>>
>> Harsh Takkar
>>
>>
>
> --
> Bjørn Jørgensen
> Vestre Aspehaug 4, 6010 Ålesund
> Norge
>
> +47 480 94 297
>

Re: Vulnerabilities in htrace-core4-4.1.0-incubating.jar jar used in spark.

Reply via email to