[jira] [Reopened] (HADOOP-18459) scan detected CVE-2021-37136 and CVE-2021-37137 in netty.io_netty_codec

[Steve Loughran (Jira)]

     [ 
https://issues.apache.org/jira/browse/HADOOP-18459?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Steve Loughran reopened HADOOP-18459:
-------------------------------------

> scan detected CVE-2021-37136 and CVE-2021-37137 in netty.io_netty_codec
> -----------------------------------------------------------------------
>
>                 Key: HADOOP-18459
>                 URL: https://issues.apache.org/jira/browse/HADOOP-18459
>             Project: Hadoop Common
>          Issue Type: Bug
>          Components: build
>            Reporter: deepagkanaka
>            Assignee: Ashutosh Gupta
>            Priority: Minor
>
> Our security scan detected CVE-2021-37136 and CVE-2021-37137 in io.netty_netty
>  
> |Component|Version|CVE|Fixed in|
> |io.netty_netty|3.10.6|CVE-2021-37136|4.1.68|
> |io.netty_netty|3.10.6|CVE-2021-37137|4.1.68|
> |org.yaml_snakeyaml|1.26|CVE-2022-25857|1.31|



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: common-dev-unsubscr...@hadoop.apache.org
For additional commands, e-mail: common-dev-h...@hadoop.apache.org