[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

ASF subversion and git services (Jira) Tue, 15 Sep 2020 01:36:42 -0700


    [ 
https://issues.apache.org/jira/browse/ATLAS-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17195974#comment-17195974
 ]


ASF subversion and git services commented on ATLAS-3940:
--------------------------------------------------------

Commit d555c02ba283312e2d9b014b5d68a17da3661525 in atlas's branch 
refs/heads/master from Rahul Nandi
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=d555c02 ]

ATLAS-3940 : Upgrade snakeyaml to a version without CVE-2017-18640 (#110)



> Upgrade snakeyaml to a version without CVE-2017-18640 
> ------------------------------------------------------
>
>                 Key: ATLAS-3940
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3940
>             Project: Atlas
>          Issue Type: Bug
>            Reporter: Nixon Rodrigues
>            Priority: Major
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Maven package cassandra-all has transitive dependency on 
> org.yaml:snakeyaml:1.11 which has 
> CVE-2017-18640:https://nvd.nist.gov/vuln/detail/CVE-2017-18640



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

Reply via email to