Nikita Pande created HBASE-28070:
------------------------------------
Summary: CVE-2020-15250 in org.glassfish:javax.el:jar:3.0.1-b08
Key: HBASE-28070
URL: https://issues.apache.org/jira/browse/HBASE-28070
Project: HBase
Issue Type: Improvement
Reporter: Nikita Pande
mvn dependency tree shows below
{code:java}
[INFO] | +- org.glassfish.web:javax.servlet.jsp:jar:2.3.2:compile
[INFO] | | \- org.glassfish:javax.el:jar:3.0.1-b08:compile
{code}
*Version Affected*
[3.0-b01,3.0.1-b12]
Issue:
org.glassfish:javax.el:jar:3.0.1-b08:compile cause vulnerability as mentioned
in https://mvnrepository.com/artifact/org.glassfish/javax.el/3.0.1-b08
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
