[
https://issues.apache.org/jira/browse/HIVE-24904?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Zoltan Haindrich resolved HIVE-24904.
-------------------------------------
Fix Version/s: 4.0.0
Resolution: Duplicate
I've fixed this in HIVE-20071 by migrating and banning that old dependency
> CVE-2019-10172,CVE-2019-10202 vulnerabilities in jackson-mapper-asl-1.9.13.jar
> ------------------------------------------------------------------------------
>
> Key: HIVE-24904
> URL: https://issues.apache.org/jira/browse/HIVE-24904
> Project: Hive
> Issue Type: Bug
> Components: Security
> Reporter: Oleksiy Sayankin
> Assignee: Zoltan Haindrich
> Priority: Critical
> Labels: CVE
> Fix For: 4.0.0
>
>
> CVE list: CVE-2019-10172,CVE-2019-10202
> CVSS score: High
> {code}
> ./packaging/target/apache-hive-4.0.0-SNAPSHOT-bin/apache-hive-4.0.0-SNAPSHOT-bin/lib/jackson-mapper-asl-1.9.13.jar
> {code}
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
