[Snyk] Upgrade org.apache.hadoop:hadoop-common from 3.1.0 to 3.3.6 #2

harlanshober · 2023-12-16T15:05:52Z

This PR was automatically created by Snyk using the credentials of a real user.

Snyk has created this PR to upgrade org.apache.hadoop:hadoop-common from 3.1.0 to 3.3.6.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 16 versions ahead of your current version.
The recommended version was released 6 months ago, on 2023-06-18.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
Deserialization of Untrusted Data SNYK-JAVA-COMMONSBEANUTILS-460111	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Web Cache Poisoning SNYK-JAVA-ORGECLIPSEJETTY-460763	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-3369748	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Privilege Escalation SNYK-JAVA-ORGECLIPSEJETTY-1021614	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Denial of Service (DoS) SNYK-JAVA-ORGECLIPSEJETTY-1090340	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Timing Attack SNYK-JAVA-ORGECLIPSEJETTY-32151	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Check for Unusual or Exceptional Conditions SNYK-JAVA-COMNIMBUSDS-536068	564/1000 Why? Has a fix available, CVSS 7	Proof of Concept
Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-1298655	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Cross-site Scripting (XSS) SNYK-JAVA-ORGECLIPSEJETTY-174479	564/1000 Why? Has a fix available, CVSS 7	Mature
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-461008	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-COMMONSNET-3153503	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Authorization Bypass SNYK-JAVA-ORGECLIPSEJETTY-32385	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Web Cache Poisoning SNYK-JAVA-ORGECLIPSEJETTY-32383	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JAVA-NETMINIDEV-1078499	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-461009	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Cross-site Scripting (XSS) SNYK-JAVA-ORGECLIPSEJETTY-480557	564/1000 Why? Has a fix available, CVSS 7	Mature
Denial of Service (DoS) SNYK-JAVA-ORGECLIPSEJETTY-5426159	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-174560	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-5969350	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Denial of Service (DoS) SNYK-JAVA-COMFASTERXMLWOODSTOX-3091135	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-1313686	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-5426160	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Improper Input Validation SNYK-JAVA-ORGECLIPSEJETTY-2945452	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JAVA-ORGAPACHEHADOOP-174573	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary File Write via Archive Extraction (Zip Slip) SNYK-JAVA-ORGAPACHEHADOOP-2443177	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Arbitrary Code Execution SNYK-JAVA-ORGAPACHEHADOOP-2975400	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
Information Exposure SNYK-JAVA-ORGECLIPSEJETTY-5426161	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit
XML External Entity (XXE) Injection SNYK-JAVA-COMFASTERXMLWOODSTOX-2928754	564/1000 Why? Has a fix available, CVSS 7	No Known Exploit