[CASSANDRA-17368] Investigate OWASP failure report - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Normal
Resolution: Fixed
Fix Version/s: 3.0.27, 3.11.13, 4.0.4, 4.1-alpha1, 4.1
Component/s: Build
Labels:
None

Bug Category:
Security
Severity:
Normal
Complexity:
Normal
Discovered By:
User Report
Platform:

All
Impacts:

None
Since Version:

NA
Source Control Link:

https://github.com/apache/cassandra/commit/f18b432ce6904bd2d9f9d778e2f99715bbe5d413
Test and Documentation Plan:

Hide

run CI

Show
run CI

Description

4.0: netty-all-4.1.58.Final.jar: CVE-2021-43797, CVE-2021-37136, CVE-2021-37137

3.11: netty-all-4.0.44.Final.jar: CVE-2021-43797, CVE-2021-37136, CVE-2021-37137

3.0: netty-all-4.0.44.Final.jar: CVE-2021-43797, CVE-2021-37136, CVE-2021-37137

Attachments

Issue Links

is duplicated by

CASSANDRA-19139 Security vulnerabilities in Netty in cassandra netty-all-4.1.58.Final.jar

Resolved

Activity

People

Assignee:: Brandon Williams

Reporter:: Brandon Williams

Authors:: Brandon Williams

Reviewers:: Berenguer Blasi

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 09/Feb/22 13:48

Updated:: 01/Dec/23 11:56

Resolved:: 28/Feb/22 13:49