Uploaded image for project: 'Ambari'
  1. Ambari
  2. AMBARI-24778

Fix CVE issues in ambari server

    XMLWordPrintableJSON

Details

    Description

      The following 3rd party dependencies have to be eliminated/upgraded to a secure version based on the latest BlackDuck scan:

      Current version Upgrade to CVE issue(s)
      org.springframework:spring-web:jar:4.3.17.RELEASE org.springframework:spring-web:jar:4.3.18.RELEASEĀ or the latest CVE-2018-11039, CVE-2018-11040
      jquery-1.8.3.min.js 1.9.0rc1 or the latest CVE-2011-4969, CVE-2015-9251, CVE-2012-6708
      org.eclipse.jetty:jetty-server:jar:9.4.11.v20180605 9.4.12.v20180830 or the latest CVE-2017-9735, CVE-2018-12536

      Attachments

        Activity

          People

            smolnar Sandor Molnar
            smolnar Sandor Molnar
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Time Tracking

                Estimated:
                Original Estimate - Not Specified
                Not Specified
                Remaining:
                Remaining Estimate - 0h
                0h
                Logged:
                Time Spent - 1h
                1h