search

Kyligence / calcite

a tailored Apache Calcite for Apache Kylin, more details at http://mail-archives.apache.org/mod_mbox/kylin-dev/201704.mbox/%3CCAF7etT=wEBPKm4C_6ffssQ0=kEhD=j1jz3O9DpjC+Zu9xWU=5A@mail.gmail.com%3E . Isn't AtopCalcite in Kylin enough? It depends on tomcat feature that's no longer supported in tomcat 8
Apache License 2.0
14 stars 53 forks source link

[Snyk] Security upgrade org.apache.spark:spark-core_2.10 from 1.6.1 to 2.2.0 #216

Open snyk-bot opened 3 years ago

snyk-bot commented 3 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Priority Score (*) Issue Upgrade Breaking Change Exploit Maturity
medium severity 484/1000
Why? Has a fix available, CVSS 5.4		 Cross-site Scripting (XSS)
SNYK-JAVA-ORGAPACHESPARK-1298180		 org.apache.spark:spark-core_2.10:
1.6.1 -> 2.2.0
Yes No Known Exploit
medium severity 519/1000
Why? Has a fix available, CVSS 6.1		 Cross-site Scripting (XSS)
SNYK-JAVA-ORGAPACHESPARK-1298184		 org.apache.spark:spark-core_2.10:
1.6.1 -> 2.2.0
Yes No Known Exploit
high severity 604/1000
Why? Has a fix available, CVSS 7.8		 Deserialization of Untrusted Data
SNYK-JAVA-ORGAPACHESPARK-1298186		 org.apache.spark:spark-core_2.10:
1.6.1 -> 2.2.0
Yes No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information: 🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic