[jira] [Resolved] (ZOOKEEPER-4478) Suppress OWASP false positives zookeeper-jute-3.8.0-SNAPSHOT.jar: CVE-2021-29425, CVE-2021-28164, CVE-2021-34429

Enrico Olivelli (Jira) Thu, 24 Feb 2022 23:01:05 -0800


     [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-4478?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Enrico Olivelli resolved ZOOKEEPER-4478.
----------------------------------------
    Resolution: Fixed

Issue resolved by pull request 1824
[https://github.com/apache/zookeeper/pull/1824]

> Suppress OWASP false positives zookeeper-jute-3.8.0-SNAPSHOT.jar: 
> CVE-2021-29425, CVE-2021-28164, CVE-2021-34429
> ----------------------------------------------------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-4478
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4478
>             Project: ZooKeeper
>          Issue Type: Task
>            Reporter: Enrico Olivelli
>            Priority: Major
>              Labels: pull-request-available
>             Fix For: 3.8.0, 3.7.1, 3.6.4
>
>          Time Spent: 20m
>  Remaining Estimate: 0h
>
> While preparing a new RC for 3.8.0 today the OWASP checker started to report 
> locally (not on jenkins) these errors:
>  
>  
> {code:java}
> [ERROR] One or more dependencies were identified with vulnerabilities that 
> have a CVSS score greater than or equal to '0.0': 
> [ERROR] 
> [ERROR] zookeeper-jute-3.8.0-SNAPSHOT.jar: CVE-2021-29425, CVE-2021-28164, 
> CVE-2021-34429
> [ERROR] 
> [ERROR] See the dependency-check report for more details.
> [ERROR] 
> {code}
>  
>  



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Resolved] (ZOOKEEPER-4478) Suppress OWASP false positives zookeeper-jute-3.8.0-SNAPSHOT.jar: CVE-2021-29425, CVE-2021-28164, CVE-2021-34429

Reply via email to