Details
Description
Currently we are using JSON Smart 2.4.2 version which is vulnerable to - CVE-2021-31684.
We can upgrade the version to 2.4.7 (2.4.5 or later).
Attachments
Issue Links
- relates to
-
HADOOP-17885 Upgrade JSON smart to 1.3.3 on branch-2.10
- Resolved
-
HADOOP-17633 Bump json-smart to 2.4.2 and nimbus-jose-jwt to 9.8 due to CVEs
- Resolved
- links to