Uploaded image for project: 'ZooKeeper'
  1. ZooKeeper
  2. ZOOKEEPER-3817

owasp failing due to CVE-2020-9488

    XMLWordPrintableJSON

    Details

    • Type: Task
    • Status: Closed
    • Priority: Blocker
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 3.7.0, 3.5.8, 3.6.2
    • Component/s: security
    • Labels:
      None

      Description

      OWASP job is failing due to

      [ERROR] log4j-1.2.17.jar: CVE-2020-9488

      From the CVE summary it doesn't seem to affect us (SMTPS related which we don't use) but we should address, probably by whitelisting the CVE?

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                symat Mate Szalay-Beko
                Reporter:
                phunt Patrick D. Hunt
              • Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved:

                  Time Tracking

                  Estimated:
                  Original Estimate - Not Specified
                  Not Specified
                  Remaining:
                  Remaining Estimate - 0h
                  0h
                  Logged:
                  Time Spent - 20m
                  20m