CGA-7v7w-6m6p-3fm5

Published

Last updated

https://images.chainguard.dev/security/CGA-7v7w-6m6p-3fm5

Package

cassandra-reaper-jre-bcfips

Repository

Chainguard

Latest Update

Fixed

Fixed Version

3.7.1-r1

Aliases

CVE-2015-0886
GHSA-9h6p-92jq-888x

Severity

Unknown

References

https://nvd.nist.gov/vuln/detail/CVE-2015-0886
https://github.com/advisories/GHSA-9h6p-92jq-888x

Updates

Status

Fixed

Fixed version

3.7.1-r1

Status

Pending upstream fix

Impact

To be able to fix this CVE, we need to upgrade the "org.apache.cassandra:cassandra-all" dependency version from 2.2.12 which is the version project is currently using to at least 4.0.10 which is the version we should bump to to fix the CVEs but we can't because the build was failed due to compilation errors.

Status

Under investigation

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

The trusted source for open source

Talk to an expert

Privacy

Terms

CGA-7v7w-6m6p-3fm5

Severity

References

Updates

The trusted source for open source

Product

Solutions

Customers

Resources

Company