kaushik mandal created HBASE-28099:
--------------------------------------
Summary: protobuf-java core and lite versions prior to 3.21.7,
3.20.3, 3.19.6 and 3.16.3 is vulnerable to CVE-2022-3509
Key: HBASE-28099
URL: https://issues.apache.org/jira/browse/HBASE-28099
Project: HBase
Issue Type: Bug
Components: hadoop2
Affects Versions: 2.4.13
Reporter: kaushik mandal
protobuf-java 3.23.2 causing increasing disk usage. Because of this we are not
in position to upgrade protobuf to latest version.
we are currently using hbase 2.4.13 which uses protobuf version older than
3.23.2 which is vulnerable to cve.
is there any latest hbase and hadoop version available which is using protobuf
version 3.23.2?
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
