Hi Dev Team Spark is using protobuf 2.5.0 which is vulnerable to CVE-2021-22569. CVE recommends to use protobuf 3.19.2
Please let me know , if there is a jira to track the update w.r.t CVE and Spark or should I create the one ? Regards Pralabh Kumar
- CVE-2021-22569 Pralabh Kumar
- Re: CVE-2021-22569 Sean Owen
