Details
-
Bug
-
Status: Resolved
-
Major
-
Resolution: Won't Fix
-
3.1.0
-
None
-
None
Description
<dependency>
<groupId>commons-httpclient</groupId>
<artifactId>commons-httpclient</artifactId>
</dependency>
Has vulnerabilities as below:
CVE-2012-6153
CVE-2012-5783
Also, after removing it and running `spark/sql/hive$mvn compile test` the result is SUCCESS
Attachments
Issue Links
- is duplicated by
-
SPARK-35429 Remove commons-httpclient due to EOL and CVEs
- Closed
- links to