amoro icon indicating copy to clipboard operation
amoro copied to clipboard
verified publisher icon apache

[Improvement]: Fix some high CVEs

Open xxubai opened this issue 1 month ago • 1 comments

Search before asking

  • [x] I have searched in the issues and found no similar issues.

What would you like to be improved?

There are currently some high-level vulnerabilities in Amoro that need to be fixed, for example:

  • CVE-2024-51504: maven / org.apache.zookeeper/zookeeper / 3.9.1
  • CVE-2025-52999: maven / com.fasterxml.jackson.core/jackson-core / 2.13.4, maven / com.fasterxml.jackson.core/jackson-core / 2.14.3
  • CVE-2023-34455: maven / org.xerial.snappy/snappy-java / 1.1.8.4
  • etc.

How should we improve?

No response

Are you willing to submit PR?

  • [ ] Yes I am willing to submit a PR!

Subtasks

No response

Code of Conduct

xxubai avatar Nov 26 '25 09:11 xxubai

Hey! I would like to work on this improvement.

zhangwl9 avatar Nov 27 '25 01:11 zhangwl9