[ https://issues.apache.org/jira/browse/FLINK-24736?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Parag Somani updated FLINK-24736: --------------------------------- Summary: Non vulenerable jar files for Apache Flink 1.14.3 (was: Non vulenerable jar files for Apache Flink 1.14.0) > Non vulenerable jar files for Apache Flink 1.14.3 > ------------------------------------------------- > > Key: FLINK-24736 > URL: https://issues.apache.org/jira/browse/FLINK-24736 > Project: Flink > Issue Type: Bug > Reporter: Parag Somani > Priority: Major > > Hello, > We are using Apache flink 1.14.0 as one of base image in our production. Due > to recent upgrade, we have many container security defects. > I am using "flink-1.14.0-bin-scala_2.12"in our k8s env. > Please assist with Flink version having non-vulnerable libraries. List of > vulnerable libs are as follows: > [7.5] [sonatype-2020-0029] [flink-runtime] [1.14.2] > [9.1] [CVE-2019-20445] [flink-runtime] [1.14.2] > [9.1] [CVE-2019-20444] [flink-runtime] [1.14.2] > [7.5] [CVE-2019-16869] [flink-runtime] [1.14.2] > [7.5] [sonatype-2020-0029] [flink-rpc-akka] [1.14.2] > [9.1] [CVE-2019-20445] [flink-rpc-akka] [1.14.2] > [9.1] [CVE-2019-20444] [flink-rpc-akka] [1.14.2] > [7.5] [CVE-2019-16869] [flink-rpc-akka] [1.14.2] > [7.5] [sonatype-2020-0029] [flink-rpc-akka-loader] [1.14.2] > [9.1] [CVE-2019-20445] [flink-rpc-akka-loader] [1.14.2] > [9.1] [CVE-2019-20444] [flink-rpc-akka-loader] [1.14.2] > [7.5] [CVE-2019-16869] [flink-rpc-akka-loader] [1.14.2] > Can you assist with this ? -- This message was sent by Atlassian Jira (v8.20.1#820001)