Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Done
-
1.13.6
-
None
-
None
Description
The flink-oss-fs-hadoop module(flink/flink-filesystems/flink-oss-fs-hadoop/pom.xml) has aliyun-sdk-oss:3.4.1 as dependency. The version of jdom in aliyun-sdk-oss:3.4.1 is 1.1 which is vulnerable. The aliyun-sdk-oss:3.14.1 has jdom:2.0.6.1. Even the flink:1.15 has aliyun-sdk-oss:3.4.1 only. Please upgrade aliyun-sdk-oss to 3.14.1