[jira] [Updated] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

Nixon Rodrigues (Jira) Mon, 14 Sep 2020 00:03:12 -0700


     [ 
https://issues.apache.org/jira/browse/ATLAS-3940?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Nixon Rodrigues updated ATLAS-3940:
-----------------------------------
    Issue Type: Bug  (was: Improvement)

> Upgrade snakeyaml to a version without CVE-2017-18640 
> ------------------------------------------------------
>
>                 Key: ATLAS-3940
>                 URL: https://issues.apache.org/jira/browse/ATLAS-3940
>             Project: Atlas
>          Issue Type: Bug
>            Reporter: Nixon Rodrigues
>            Priority: Major
>
> Maven package cassandra-all has transitive dependency on 
> org.yaml:snakeyaml:1.11 which has 
> CVE-2017-18640:https://nvd.nist.gov/vuln/detail/CVE-2017-18640



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Updated] (ATLAS-3940) Upgrade snakeyaml to a version without CVE-2017-18640

Reply via email to