[jira] [Updated] (TEZ-4494) Addressing CVE-2022-41881 - Netty vulnerability

Sercan Tekin (Jira) Sat, 10 Jun 2023 13:38:05 -0700


     [ 
https://issues.apache.org/jira/browse/TEZ-4494?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Sercan Tekin updated TEZ-4494:
------------------------------
    Description: 
Current netty version in the project has high score CVE - 
[https://nvd.nist.gov/vuln/detail/CVE-2022-41881]

The netty version should be upgraded at least version 4.1.86.Final. the latest 
version as of now is 4.1.93.Final.

> Addressing CVE-2022-41881 - Netty vulnerability
> -----------------------------------------------
>
>                 Key: TEZ-4494
>                 URL: https://issues.apache.org/jira/browse/TEZ-4494
>             Project: Apache Tez
>          Issue Type: Bug
>    Affects Versions: 0.10.2
>            Reporter: Sercan Tekin
>            Priority: Major
>              Labels: netty, security, vulnerabilities
>             Fix For: 0.10.3
>
>
> Current netty version in the project has high score CVE - 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
> The netty version should be upgraded at least version 4.1.86.Final. the 
> latest version as of now is 4.1.93.Final.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (TEZ-4494) Addressing CVE-2022-41881 - Netty vulnerability

Reply via email to