[
https://issues.apache.org/jira/browse/ATLAS-5165?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18042701#comment-18042701
]
ASF subversion and git services commented on ATLAS-5165:
--------------------------------------------------------
Commit fb85541e41ed55b43e261763a48eb27c22940afb in atlas's branch
refs/heads/master from achandel-01
[ https://gitbox.apache.org/repos/asf?p=atlas.git;h=fb85541e4 ]
ATLAS-5165: Upgrading commons-validator from 1.6 to 1.10.0 to address CVEs
(#481)
Co-authored-by: Abhinav Chandel <[email protected]>
> Upgrading commons validator to address CVEs
> -------------------------------------------
>
> Key: ATLAS-5165
> URL: https://issues.apache.org/jira/browse/ATLAS-5165
> Project: Atlas
> Issue Type: Improvement
> Reporter: Abhinav Chandel
> Priority: Major
> Time Spent: 20m
> Remaining Estimate: 0h
>
> Atlas project [currently
> uses|https://github.infra.cloudera.com/CDH/atlas/blob/cdh_main/pom.xml#L667]
> commons-validator-1.6 which is subject to vulnerabilities (including HIGH
> severity ones) transitively from commons_beanutils-1.9.2
> ([+CVE-2014-0114+|https://nvd.nist.gov/vuln/detail/CVE-2014-0114],
> [+CVE-2019-10086+|https://nvd.nist.gov/vuln/detail/CVE-2019-10086],
> [+CVE-2025-48734+|https://nvd.nist.gov/vuln/detail/CVE-2025-48734]).
>
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
