Hello Team, We had some queries regarding below High vulnerabilities on Hadoop, could you please help here.
Query for below mentioned HIGH Vulnerability. We are having java based HDFS client which uses Hadoop-Common-3.3.3, Hadoop-hdfs-3.3.3 and Hadoop-hdfs-client-3.3.3 as it's dependency. Hadoop-Common and Hadoop-hdfs uses protobuf-java-2.5.0 as dependency. We got the following high vulnerablilities in protobuf-java using "Anchore Grype". 1. CVE-2022-3171 2. CVE-2022-3509 3. CVE-2022-3510 What is the impact of these vulnerablilities on HDFS client? If HDFS Client is impacted then what is the mitigation plan for that? Regards, Deepti Sharma PMP(r) & ITIL