[jira] [Commented] (KYLIN-5732) High-level security vulnerabilities:maven:org.xerial.snappy:[email protected]/CVE-2023-34455

zhong.zhu (Jira) Tue, 05 Dec 2023 03:05:04 -0800


    [ 
https://issues.apache.org/jira/browse/KYLIN-5732?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17793231#comment-17793231
 ]


zhong.zhu commented on KYLIN-5732:
----------------------------------

h1. Fix Design

Upgrade snapy-Java to 1.1.10.1 in the pom file of KE and spark
 
 

> High-level security 
> vulnerabilities:maven:org.xerial.snappy:[email protected]/CVE-2023-34455
> ----------------------------------------------------------------------------------------------
>
>                 Key: KYLIN-5732
>                 URL: https://issues.apache.org/jira/browse/KYLIN-5732
>             Project: Kylin
>          Issue Type: Bug
>    Affects Versions: 5.0-beta
>            Reporter: zhong.zhu
>            Priority: Critical
>             Fix For: 5.0.0
>
>         Attachments: image-2023-12-05-19-01-48-480.png
>
>
> Vulnerability Details:
> !image-2023-12-05-19-01-48-480.png!
> snyk link: [https://snyk.io/vuln/SNYK-JAVA-ORGXERIALSNAPPY-5710960]
>  



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KYLIN-5732) High-level security vulnerabilities:maven:org.xerial.snappy:[email protected]/CVE-2023-34455

Reply via email to