[
https://issues.apache.org/jira/browse/CASSANDRA-15701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17188281#comment-17188281
]
Tigran Mardanyan commented on CASSANDRA-15701:
----------------------------------------------
Sorry guys, but my security scanners warn about this as well. It seems Apache
Cassandra is not affected but need confirmation from you experts.
If this is not correct place to talk about this issue, please direct me to the
correct platform where I can ask for impact analyze.
Any updated on this much appreciated.
> Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?
> ---------------------------------------------------------------------
>
> Key: CASSANDRA-15701
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15701
> Project: Cassandra
> Issue Type: Bug
> Components: Dependencies
> Reporter: wht
> Priority: Normal
>
> Because cassandra 3.11.3/3.11.5 rely on jackson-mapper-asl-1.9.13.jar which
> has been reported a vulnerability CVE-2019-10172,
> [https://nvd.nist.gov/vuln/detail/CVE-2019-10172], so I want to know if it
> has an impact to cassandra. Thanks!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
