[jira] [Created] (CASSANDRA-17170) Found Third Party Software vulnerabilities/security issue in 3.11.11

Amol Nawale (Jira) Wed, 24 Nov 2021 05:12:20 -0800

Amol Nawale created CASSANDRA-17170:
---------------------------------------


             Summary: Found Third Party Software  vulnerabilities/security 
issue in 3.11.11
                 Key: CASSANDRA-17170
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17170
             Project: Cassandra
          Issue Type: Bug
            Reporter: Amol Nawale


we have found below vulnerabilities  in Cassandra 3.11.11.zip during security 
scan.

Could you please help us to resolve those?
| [sonatype-2021-1175] [logback-core] [1.1.3]|
| [CVE-2021-37137] [netty-all] [4.0.44.Final]|
| [sonatype-2021-1425] [thrift] [0.9.3]|
| [sonatype-2020-1031] [netty-all] [4.0.44.Final]|
| [CVE-2020-13949] [libthrift] [0.9.2]|
| [sonatype-2020-0029] [netty-all] [4.0.44.Final]|
| [CVE-2020-7238] [netty-all] [4.0.44.Final]|
| [CVE-2019-20444] [netty-all] [4.0.44.Final]|
| [CVE-2019-20445] [netty-all] [4.0.44.Final]|
| [CVE-2017-18640] [snakeyaml] [1.11]|
| [CVE-2019-16869] [netty-all] [4.0.44.Final]|
| [CVE-2019-0205] [thrift] [0.9.3]|
| [CVE-2018-1320] [libthrift] [0.9.2]|
| [CVE-2017-5929] [logback-classic] [1.1.3]|

 

 



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscr...@cassandra.apache.org
For additional commands, e-mail: commits-h...@cassandra.apache.org

[jira] [Created] (CASSANDRA-17170) Found Third Party Software vulnerabilities/security issue in 3.11.11

Reply via email to