[jira] [Created] (KUDU-3494) Protobuf CVE CVE-2022-3510

Wed, 19 Jul 2023 02:46:07 -0700 

Colm O hEigeartaigh created KUDU-3494:
-----------------------------------------

             Summary: Protobuf CVE CVE-2022-3510
                 Key: KUDU-3494
                 URL: https://issues.apache.org/jira/browse/KUDU-3494
             Project: Kudu
          Issue Type: Bug
    Affects Versions: 1.16.0
            Reporter: Colm O hEigeartaigh
             Fix For: 1.17.0, 1.16.1


There is a CVE in protobuf 3.19.3 
[https://github.com/apache/kudu/blob/5659541d15c5490d25ca207c4f63b249986fbfe6/java/gradle/dependencies.gradle#L54]

[https://nvd.nist.gov/vuln/detail/CVE-2022-3509]

[https://nvd.nist.gov/vuln/detail/CVE-2022-3510]

Please update to 3.19.6.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to