Fix vulnerabilities
ckunki opened this issue · 0 comments
ckunki commented
- org.apache.hadoop:hadoop-common:jar:3.3.4 in compile
- sonatype-2022-5820: 1 vulnerability (8.2)
- org.apache.hadoop:hadoop-hdfs-client:jar:3.3.4 in compile
- sonatype-2022-5732: 1 vulnerability (8.6)
- org.apache.commons:commons-text:jar:1.9 in compile
- CVE-2022-42889, severity CWE-94: Improper Control of Generation of Code ('Code Injection') (9.8)
Additionally: check if excluded vulnerabilities are still required to remain so
- 1 vulnerability found (6.2); https://ossindex.sonatype.org/vulnerability/sonatype-2020-0926