D M Murali Krishna Reddy created YARN-11606: -----------------------------------------------
Summary: Upgrade fst to 2.57 Key: YARN-11606 URL: https://issues.apache.org/jira/browse/YARN-11606 Project: Hadoop YARN Issue Type: Bug Reporter: D M Murali Krishna Reddy Assignee: D M Murali Krishna Reddy de.ruedigermoeller:fst has a dependency of json-io:2.5.1 which is vulnerable with CVE-2023-34610, Higher versions of fst do not have any dependency with json-io. [https://nvd.nist.gov/vuln/detail/CVE-2023-34610] -- This message was sent by Atlassian Jira (v8.20.10#820010) --------------------------------------------------------------------- To unsubscribe, e-mail: yarn-issues-unsubscr...@hadoop.apache.org For additional commands, e-mail: yarn-issues-h...@hadoop.apache.org