Uploaded image for project: 'Ranger'
  1. Ranger
  2. RANGER-4038

Upgrade spring framework and spring security versions

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Open
    • Major
    • Resolution: Unresolved
    • None
    • None
    • Ranger
    • None

    Description

      Pivotal Spring Framework up to (excluding) 6.0.0 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. Depending on how the library is implemented within a product, this issue may or not occur, and authentication may be required.

      Attachments

        Issue Links

          is required by

          Bug - A problem which impairs or prevents the functions of the product. NIFI-12738 Nifi registry ranger integration is not working

          • Critical - Crashes, loss of data, severe memory leak.
          • Resolved

          Activity

            People

              hmaurya Himanshu Maurya
              hmaurya Himanshu Maurya
              Votes:
              1 Vote for this issue
              Watchers:
              8 Start watching this issue

              Dates

                Created:
                Updated: