Details
-
Wish
-
Status: Open
-
Major
-
Resolution: Unresolved
-
3.3.1
-
None
-
None
Description
Hi all, I use a library that is using hadoop-commons as dependency in quite an old version.
anyway I was trying to upgrate it to the latest version and found that still there, there are some problems in hadoop commons.
I can see them even in maven
https://mvnrepository.com/artifact/org.apache.hadoop/hadoop-common/3.3.1
CVE-2022-23305
CVE-2022-23302
CVE-2021-4104
CVE-2021-36374
CVE-2021-36090
CVE-2021-35516
CVE-2021-34429
CVE-2021-22569
CVE-2020-15522
Anyway I'm definitely not an expert on this but is there plans to fix this vulnerabilities?
Or is this library not to be used anymore and we need to migrate to something else?
Thanks for any feedback