[
https://issues.apache.org/jira/browse/TINKERPOP-2826?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17631283#comment-17631283
]
Aaron Coady edited comment on TINKERPOP-2826 at 11/9/22 9:14 PM:
-----------------------------------------------------------------
We need an update to spark-core which also uses IVY 2.5.0 which is not
available yet.
Fix was delivered here: https://issues.apache.org/jira/browse/SPARK-41030
was (Author: acoady):
We need an update to spark-core which also uses IVY 2.5.0 which is not
available yet
> Critical security vulnerability in ivy
> --------------------------------------
>
> Key: TINKERPOP-2826
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2826
> Project: TinkerPop
> Issue Type: Bug
> Components: server
> Affects Versions: 3.6.1, 3.5.4
> Reporter: Aaron Coady
> Priority: Major
>
> Critical security vulnerability found in IVY 2.5.0
> [https://nvd.nist.gov/vuln/detail/CVE-2022-37865]
>
> This is resolved in IVY 2.5.1
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
