Open snyk-bot opened 4 years ago
org.apache.phoenix:phoenix-core:
4.13.1-HBase-0.98 -> 5.0.0-HBase-2.0
org.apache.hbase:hbase-client:
1.4.2 -> 2.3.0
org.apache.curator:curator-client:
2.10.0 -> 4.3.0
org.apache.curator:curator-framework:
2.11.1 -> 4.3.0
org.apache.curator:curator-x-discovery:
(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information: š§ View latest project report
š Adjust project settings
š Read more about Snyk's upgrade and patch logic
Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.
Changes included in this PR
Vulnerabilities that will be fixed
With an upgrade:
Why? Has a fix available, CVSS 5.9
SNYK-JAVA-COMGOOGLEGUAVA-32236
org.apache.phoenix:phoenix-core:4.13.1-HBase-0.98 -> 5.0.0-HBase-2.0Why? Has a fix available, CVSS 3.7
SNYK-JAVA-COMMONSCODEC-561518
org.apache.hbase:hbase-client:1.4.2 -> 2.3.0Why? Has a fix available, CVSS 5.5
SNYK-JAVA-ORGAPACHECOMMONS-32473
org.apache.phoenix:phoenix-core:4.13.1-HBase-0.98 -> 5.0.0-HBase-2.0Why? Proof of Concept exploit, Has a fix available, CVSS 4.3
SNYK-JAVA-ORGAPACHEZOOKEEPER-174781
org.apache.curator:curator-client:2.10.0 -> 4.3.0org.apache.curator:curator-framework:2.11.1 -> 4.3.0org.apache.curator:curator-x-discovery:2.10.0 -> 4.3.0org.apache.hbase:hbase-client:1.4.2 -> 2.3.0org.apache.phoenix:phoenix-core:4.13.1-HBase-0.98 -> 5.0.0-HBase-2.0(*) Note that the real score may have changed since the PR was raised.
Check the changes in this PR to ensure they won't cause issues with your project.
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
š§ View latest project report
š Adjust project settings
š Read more about Snyk's upgrade and patch logic