Description
Dear colleagues,
we are using log4j2 with flume-ng appender.
The below vulnerabilities are found in the dependent jackson-mapper-asl-1.9.13.jar :
cve-2019-10202
cve-2019-10172
Please advise if this will be fixed and planned ETA in case it is already fixed
Thanks ,
sasha
Attachments
Attachments
Issue Links
- duplicates
-
FLUME-3402 remove org.codehaus.jackson dependencies
- Closed