[jira] [Created] (HBASE-28067) Hbase 2.4.13 vulnerable to CVE-2022-26612

kaushik mandal (Jira) Thu, 07 Sep 2023 06:27:11 -0700

kaushik mandal created HBASE-28067:
--------------------------------------

             Summary: Hbase 2.4.13 vulnerable to CVE-2022-26612
                 Key: HBASE-28067
                 URL: https://issues.apache.org/jira/browse/HBASE-28067
             Project: HBase
          Issue Type: Bug
          Components: Client
    Affects Versions: 2.4.13
            Reporter: kaushik mandal



hbase 2.4.13 uses hadoop-common-2.10.0.jar which is vulnerable to 
CVE-2022-26612.

when replaced hadoop-common-2.10.0.jar with 3.2.3, getting version incompatible 
issue and as result hbase shell command failed.

is there any hbase version which is compatible with hadoop-common 3.2.3 or 
above?

or is there any hbase version available where the above CVE addressed?

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (HBASE-28067) Hbase 2.4.13 vulnerable to CVE-2022-26612

Reply via email to