-
Notifications
You must be signed in to change notification settings - Fork 1
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
🔐 CVE-2024-47561: org.apache.avro:avro:jar:1.11.3:compile #76
Closed
Labels
Comments
ckunki
added a commit
that referenced
this issue
Oct 17, 2024
* Updated version to 2.0.11 * Updated dependencies * Updated changes file
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Summary
Schema parsing in the Java SDK of Apache Avro 1.11.3 and previous versions allows bad actors to execute arbitrary code.
Users are recommended to upgrade to version 1.11.4Â or 1.12.0, which fix this issue.
CVE: CVE-2024-47561
CWE: CWE-502
References
The text was updated successfully, but these errors were encountered: