a tailored Apache Calcite for Apache Kylin, more details at http://mail-archives.apache.org/mod_mbox/kylin-dev/201704.mbox/%3CCAF7etT=wEBPKm4C_6ffssQ0=kEhD=j1jz3O9DpjC+Zu9xWU=5A@mail.gmail.com%3E . Isn't AtopCalcite in Kylin enough? It depends on tomcat feature that's no longer supported in tomcat 8
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 5.5
SNYK-JAVA-COMGOOGLEGUAVA-1015415
com.google.guava:guava:
19.0 -> 30.0-android
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-COMGOOGLEGUAVA-32236
com.google.guava:guava:
19.0 -> 30.0-android
Why? Has a fix available, CVSS 5.3
SNYK-JAVA-ORGECLIPSEJETTY-174560
org.eclipse.jetty:jetty-server:
9.2.15.v20160210 -> 9.3.24.v20180605
Why? Has a fix available, CVSS 9.8
SNYK-JAVA-ORGECLIPSEJETTY-32385
org.eclipse.jetty:jetty-server:
9.2.15.v20160210 -> 9.3.24.v20180605
Why? Has a fix available, CVSS 7.5
SNYK-JAVA-ORGECLIPSEJETTY-460763
org.eclipse.jetty:jetty-server:
9.2.15.v20160210 -> 9.3.24.v20180605
Why? Mature exploit, Has a fix available, CVSS 4.7
SNYK-JAVA-ORGECLIPSEJETTY-480557
org.eclipse.jetty:jetty-server:
9.2.15.v20160210 -> 9.3.24.v20180605
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: 🧐 View latest project report
🛠 Adjust project settings
📚 Read more about Snyk's upgrade and patch logic