[jira] [Updated] (HIVE-28496) Address CVE-2020-28487 due to 4.20.0 version of vis.js

Kiran Velumuri (Jira) Tue, 03 Sep 2024 04:43:05 -0700


     [ 
https://issues.apache.org/jira/browse/HIVE-28496?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Kiran Velumuri updated HIVE-28496:
----------------------------------
    Issue Type: Improvement  (was: Bug)

> Address CVE-2020-28487 due to 4.20.0 version of vis.js
> ------------------------------------------------------
>
>                 Key: HIVE-28496
>                 URL: https://issues.apache.org/jira/browse/HIVE-28496
>             Project: Hive
>          Issue Type: Improvement
>            Reporter: Kiran Velumuri
>            Assignee: Kiran Velumuri
>            Priority: Major
>
> This is to address CVE-2020-28487 coming from 4.20.0 version of vis.js from 
> the file vis.min.js. This file is being used in the recently added Query plan 
> tab in the HiveServer2 web UI.
>  
> The project vis.js has been split up into sub projects(from version 5.0.0) 
> from which we only require the Network sub-project. This sub-project contains 
> both vis.Network and vis.Dataset that we require from vis.min.js.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (HIVE-28496) Address CVE-2020-28487 due to 4.20.0 version of vis.js

Reply via email to