[jira] [Created] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix

Rahul Nandi (Jira) Tue, 29 Sep 2020 22:03:57 -0700

Rahul Nandi created CASSANDRA-16150:
---------------------------------------


             Summary: Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 
fix
                 Key: CASSANDRA-16150
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-16150
             Project: Cassandra
          Issue Type: Bug
          Components: Dependencies
            Reporter: Rahul Nandi
            Assignee: Rahul Nandi


There have been critical level CVE 
([CVE-2017-18640|[https://nvd.nist.gov/vuln/detail/CVE-2017-18640]]) discovered 
in snakeyaml version earlier to 1.26. This has been patched into snakeyaml 
version 1.26.

This card is expected to upgrade the snakeyaml version to 1.26.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

[jira] [Created] (CASSANDRA-16150) Upgrade to snakeyaml >= 1.26 version for CVE-2017-18640 fix

Reply via email to