longfeiJiang created KYLIN-5408:
-----------------------------------
Summary: Fix new critical-risk vulnerability CVE-2022-37866 /
SNYK-JAVA-ORGAPACHEIVY-3106014
Key: KYLIN-5408
URL: https://issues.apache.org/jira/browse/KYLIN-5408
Project: Kylin
Issue Type: Bug
Affects Versions: 5.0-alpha
Reporter: longfeiJiang
Fix For: 5.0-alpha
[!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy |
CVE-2022-37866 |
Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106929]
[!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy |
CVE-2022-37865 |
Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106014]
h2. How to fix?
Upgrade {{org.apache.ivy:ivy}} to version 2.5.1 or higher.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
