Details
-
Bug
-
Status: Closed
-
Major
-
Resolution: Invalid
-
1.15.2
-
None
-
None
Description
Hi, our organisation ran a security scan on Flink-1.15.2 release and found the following vulnerable open source libraries being used -
JDOM1.1
kryo2.24.0
libnetty-3.9-java3.9.0.Final
Netty Project3.10.6.Final
Play2.6.11
Apache Tika1.28.1
Apache Avro1.7.7
Apache Kafka2.8.1
The recommended versions for these libraries are -
JDOM2.0.2
kryo-5.5.0
libnetty-3.9-java3.9.9.Final
Netty Project 5.0.0.Final
Play2.8.16
Apache Tika2.4.1
Apache Avro1.8.2
Apache Kafka2.8.2