DW created HADOOP-16690: --------------------------- Summary: Update dependency com.nimbusds:nimbus-jose-jwt due to security vulnerability Key: HADOOP-16690 URL: https://issues.apache.org/jira/browse/HADOOP-16690 Project: Hadoop Common Issue Type: Bug Components: auth Affects Versions: 3.2.1 Reporter: DW
Apache Hadoop Auth org.apache.hadoop:hadoop-auth:3.2.1 define dependency to com.nimbusds:nimbus-jose-jwt:4.41.1. There is a known security vulnerability for nimbus-jose-jwt: CVE-2019-17195. Can you upgrade to v7.9 or higher? -- This message was sent by Atlassian Jira (v8.3.4#803005) --------------------------------------------------------------------- To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org For additional commands, e-mail: common-dev-h...@hadoop.apache.org