[jira] [Commented] (HUDI-8213) Exclude jackson-databind from hudi-spark-bundle to fix CVE-2017-17485

Senthil Kumar (Jira) Wed, 18 Sep 2024 06:12:04 -0700


    [ 
https://issues.apache.org/jira/browse/HUDI-8213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17882709#comment-17882709
 ]


Senthil Kumar commented on HUDI-8213:
-------------------------------------

after excluding jackson-databind from hudi-spark-bundle, we dont see CRITICAL 
CVE


!image-2024-09-18-18-41-06-663.png|width=819,height=59!

> Exclude jackson-databind from hudi-spark-bundle to fix CVE-2017-17485
> ---------------------------------------------------------------------
>
>                 Key: HUDI-8213
>                 URL: https://issues.apache.org/jira/browse/HUDI-8213
>             Project: Apache Hudi
>          Issue Type: Bug
>          Components: spark
>    Affects Versions: 0.14.1, 0.15.0
>            Reporter: Senthil Kumar
>            Priority: Major
>              Labels: pull-request-available
>         Attachments: image-2024-09-18-18-31-09-618.png, 
> image-2024-09-18-18-41-06-663.png
>
>
> Exclude jackson-databind from hudi-spark-bundle to fix CVE-2017-17485



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (HUDI-8213) Exclude jackson-databind from hudi-spark-bundle to fix CVE-2017-17485

Reply via email to