[jira] [Created] (AVRO-3151) Black Duck SEV-4 issue "Improper Check for Unusual or Exceptional Conditions" for Apache Avro 1.10.2

Peter Rozovski (Jira) Tue, 25 May 2021 18:33:10 -0700

Peter Rozovski created AVRO-3151:
------------------------------------

             Summary: Black Duck SEV-4 issue "Improper Check for Unusual or 
Exceptional Conditions" for Apache Avro 1.10.2 
                 Key: AVRO-3151
                 URL: https://issues.apache.org/jira/browse/AVRO-3151
             Project: Apache Avro
          Issue Type: Bug
          Components: java
    Affects Versions: 1.10.2
            Reporter: Peter Rozovski



Black Duck scan identifies SEV-4 vulnerability for Apache Avro 1.10.2 

 
|Description|Component Apache Avro_1.10.2 is vulnerable to CVE-2019-17195. 
Please see https://vss.wellsfargo.net/vuln/CVE-2019-17195 for more information.|
|Path|/vuln/CVE-2019-17195|
|Parameter|Apache Avro_1.10.2: CVE-2019-17195|
|Scanner Detail|Connect2id Nimbus JOSE+JWT before v7.9 can throw various 
uncaught exceptions while parsing a JWT, which could result in an application 
crash (potential information disclosure) or a potential authentication bypass.|



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Created] (AVRO-3151) Black Duck SEV-4 issue "Improper Check for Unusual or Exceptional Conditions" for Apache Avro 1.10.2

Reply via email to