DataStax Academy FAQ

DataStax Academy migrated to a new learning management system (LMS) in July 2020. We are also moving to a new Cassandra Certification process so there are changes to exam bookings, voucher system and issuing of certificates.

Check out the Academy FAQ pages for answers to your questions:


question

ortizfabio_185816 avatar image
ortizfabio_185816 asked ·

commons-utils v1.9.3 in spark-cassandra-connector v2.0.12 is vulnerable to CVE-2014-0114

This version of the connector is using commons-beanutils:commons-beanutils:1.9.3 which has a documented vulnerability: SNYK-JAVA-COMMONSBEANUTILS-460111. In our organization every artifact is checked against this type of vulnerabilities therefore I am unable to use the latest version. Could you create a version that is free of vulnerabilites?


cassandrasparkconnectorcvevulnerability
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.

1 Answer

Erick Ramirez avatar image
Erick Ramirez answered ·

@ortizfabio_185816 Thanks for bringing to this to our attention. As per the instructions on GitHub (https://github.com/datastax/spark-cassandra-connector#reporting-bugs), I've logged SPARKC-569 to have the issue assessed and addressed. Cheers!

Share
10 |1000 characters needed characters left characters exceeded

Up to 8 attachments (including images) can be used with a maximum of 1.0 MiB each and 10.0 MiB total.