longfeiJiang created KYLIN-5408: ----------------------------------- Summary: Fix new critical-risk vulnerability CVE-2022-37866 / SNYK-JAVA-ORGAPACHEIVY-3106014 Key: KYLIN-5408 URL: https://issues.apache.org/jira/browse/KYLIN-5408 Project: Kylin Issue Type: Bug Affects Versions: 5.0-alpha Reporter: longfeiJiang Fix For: 5.0-alpha
[!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy | CVE-2022-37866 | Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106929] [!https://snyk.io/favicon.png!Directory Traversal in org.apache.ivy:ivy | CVE-2022-37865 | Snyk|https://security.snyk.io/vuln/SNYK-JAVA-ORGAPACHEIVY-3106014] h2. How to fix? Upgrade {{org.apache.ivy:ivy}} to version 2.5.1 or higher. -- This message was sent by Atlassian Jira (v8.20.10#820010)