Uploaded image for project: 'Hive'
  1. Hive
  2. HIVE-27012

Remove JavaEWAH dependency from HIVE to fix CVEs.

    XMLWordPrintableJSON

Details

    Description

      Upgrade JavaEWAH to 1.1.7

      JavaEWAH:0.3.2 is pulling in CVE-2022-29580.

      CVE-2022-29580 is a High Severity CVE with CVSSv3 Score 7.8

      Attachments

        1. tree.txt
          729 kB
          Devaspati Krishnatri

        Issue Links

          links to

          Web Link GitHub Pull Request #4010

          Activity

            People

              devaspatikrishnatri Devaspati Krishnatri
              devaspatikrishnatri Devaspati Krishnatri
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:

                Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 1.5h
                  1.5h