Hello Team,
We are having java based HDFS client which uses Hadoop-hdfs-3.3.3 as it's
dependency. in our application.
Hadoop-hdfs-3.3.3 uses netty 3.10.6.Final as deep dependency.
We got the following vulnerability in netty using JFrog Xray.
Description : Netty contains a flaw in the AbstractDis
Thank you Ayush
Regards,
Deepti Sharma
PMPĀ® & ITIL
From: Ayush Saxena
Sent: 29 November 2022 16:27
To: Deepti Sharma S
Cc: user@hadoop.apache.org
Subject: Re: Vulnerability query on Hadoop
Hi Deepti,
The OkHttp one I think got sorted as part of HDFS-16453, It is there in
Hadoop-3
Hi Deepti,
The OkHttp one I think got sorted as part of HDFS-16453, It is there in
Hadoop-3.3.4(Released),
Second, netty is also upgraded as part of HADOOP-18079 and is also there in
Hadoop-3.3.4, I tried to grep on the dependency tree of 3.3.4 and didn't
find 4.1.42. If you still see it let me kno
Hello Team,
We had a query regarding below High and Critical vulnerability on Hadoop, could
you please help here.
Query for below mentioned HIGH Vulnerability.
We are having java based HDFS client which uses Hadoop-Common-3.3.3,
Hadoop-hdfs-3.3.3 and Hadoop-hdfs-client-3.3.3 as it's dependency