CGA-hg68-rm6h-6m37

Published

Last updated

https://images.chainguard.dev/security/CGA-hg68-rm6h-6m37

Package

druid

RepositoryWolfi

Latest Update

Pending upstream fix

Aliases

CVE-2023-40167
GHSA-hmr7-m48g-48f6

Severity

5.3

Medium

CVSS V3

References

https://nvd.nist.gov/vuln/detail/CVE-2023-40167
https://github.com/advisories/GHSA-hmr7-m48g-48f6

Updates

Status

Pending upstream fix

Impact

This vulnerability is related to hadoop-client-runtime 3.3.4 included in druid-deltalake-extensions, requiring code changes by the upstream maintainers to remediate.

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CGA-hg68-rm6h-6m37

Severity

References

Updates

Product

Solutions

Customers

Resources

Company