Fix CVE-2024-21634 in software.amazon.ion:ion-java:jar:1.0.2:test #214

kaklakariada · 2024-01-17T07:10:40Z

Error:  Failed to execute goal org.sonatype.ossindex.maven:ossindex-maven-plugin:3.2.0:audit (default-cli) on project spark-connector-s3_2.13: Detected 1 vulnerable components:
Error:    software.amazon.ion:ion-java:jar:1.0.2:test; https://ossindex.sonatype.org/component/pkg:maven/software.amazon.ion/ion-java@1.0.2?utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1
Error:      * [CVE-2024-21634] CWE-770: Allocation of Resources Without Limits or Throttling (7.5); https://ossindex.sonatype.org/vulnerability/CVE-2024-21634?component-type=maven&component-name=software.amazon.ion%2Fion-java&utm_source=ossindex-client&utm_medium=integration&utm_content=1.8.1

The text was updated successfully, but these errors were encountered:

kaklakariada added the security Security related change label Jan 17, 2024

kaklakariada self-assigned this Jan 18, 2024

kaklakariada mentioned this issue Jan 18, 2024

#214: Fix CVE-2024-21634 in software.amazon.ion:ion-java #215

Merged

kaklakariada added a commit that referenced this issue Jan 18, 2024

#214: Upgrade dependencies

3e4851f

kaklakariada closed this as completed in #215 Jan 19, 2024

kaklakariada added a commit that referenced this issue Jan 19, 2024

#214: Fix CVE-2024-21634 in software.amazon.ion:ion-java (#215)

f922c6c

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Fix CVE-2024-21634 in software.amazon.ion:ion-java:jar:1.0.2:test #214

Fix CVE-2024-21634 in software.amazon.ion:ion-java:jar:1.0.2:test #214

kaklakariada commented Jan 17, 2024

Fix CVE-2024-21634 in software.amazon.ion:ion-java:jar:1.0.2:test #214

Fix CVE-2024-21634 in software.amazon.ion:ion-java:jar:1.0.2:test #214

Comments

kaklakariada commented Jan 17, 2024