This repository was archived by the owner on Jan 31, 2025. It is now read-only.
This repository was archived by the owner on Jan 31, 2025. It is now read-only.
Vulnerabilities in Apache Commons IO 2.5 used by Hadoop in Jet #3066
Description
Jet uses org.apache.hadoop:hadoop-client which uses commons-io:commons-io in version 2.5 which includes following vulnerability:
- CVE-2021-29425 - https://nvd.nist.gov/vuln/detail/CVE-2021-29425 (it should be fixed in version 2.7 - however is seems to currently be in
UNDERGOING REANALYSISstate in that version)