Details
-
Bug
-
Status: Resolved
-
Critical
-
Resolution: Fixed
-
1.13.0, 1.12.3, 1.13.1
Description
We scanned jackson-databind&core for some vulnerabilities (CVE-2020-24616/CVE-2021-20190/CVE-2020-36184/CVE-2020-36183/CVE-2020-9546...). Apache Parquet depends on them, so we upgraded parquet to version 1.12.0.
parquet code link:https://github.com/apache/parquet-mr/blob/db75a6815f2ba1d1ee89d1a90aeb296f1f3a8f20/pom.xml#L78
Attachments
Issue Links
- links to