Details
-
Bug
-
Status: Resolved
-
Normal
-
Resolution: Not A Problem
-
None
-
None
-
All
-
None
Description
The Cassandra 3.11.11 uses netty-all-4.0.44.Final.jar
This library has the following CVEs. Part of these CVEs are critical!
Please upgrade to 4.1.71.Final
CVE-2019-20445
CVE-2019-20444
CVE-2019-16869
CVE-2020-7238
CVE-2021-37136
CVE-2021-37137
CVE-2021-21409
CVE-2021-43797
CVE-2021-21295
CVE-2021-21290
Attachments
Issue Links
- is superceded by
-
CASSANDRA-14612 Please add OWASP Dependency Check to the build (pom.xml)
- Resolved