[
https://issues.apache.org/jira/browse/CASSANDRA-15701?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17188714#comment-17188714
]
Brandon Williams commented on CASSANDRA-15701:
----------------------------------------------
It's hard to say since no details of that vulnerability seem to be published.
CASSANDRA-15867 removed this in 3.11.7 anyway, however.
> Does Cassandra 3.11.3/3.11.5 is affected by CVE-2019-10712 or not ?
> ---------------------------------------------------------------------
>
> Key: CASSANDRA-15701
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15701
> Project: Cassandra
> Issue Type: Bug
> Components: Dependencies
> Reporter: wht
> Priority: Normal
>
> Because cassandra 3.11.3/3.11.5 rely on jackson-mapper-asl-1.9.13.jar which
> has been reported a vulnerability CVE-2019-10172,
> [https://nvd.nist.gov/vuln/detail/CVE-2019-10172], so I want to know if it
> has an impact to cassandra. Thanks!
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
