Fixed CVEs
This release resolves 2,131 security vulnerabilities (CVEs) identified across ODP platform components, representing a comprehensive security hardening initiative implemented during the upgrade from version 3.3.6.1-1 to 3.3.6.2-1.
Detailed List of CVEs Addressed
For detailed information about CVEs addressed in this release, see ODP 3.3.6.2-1 Acceldata Open-Source Data Platform CVE Fixes.
Summary of CVEs by component and severity level
You can see the summary of CVEs addressed by components and severity level.
| Component | Critical 🔴 | High 🟠 | Medium 🟡 | Low 🟢 | Total |
|---|---|---|---|---|---|
| Apache Oozie | 27 | 111 | 102 | 30 | 270 |
| Apache Zeppelin | 26 | 109 | 82 | 15 | 232 |
| Apache NiFi | 26 | 65 | 40 | 8 | 139 |
| Apache Phoenix | 7 | 47 | 57 | 19 | 130 |
| Schema Registry | 3 | 50 | 56 | 12 | 121 |
| Apache Hadoop | 20 | 57 | 30 | 9 | 116 |
| Apache Impala | 1 | 53 | 46 | 13 | 113 |
| JupyterHub | 5 | 42 | 34 | 12 | 93 |
| Apache Spark 3 | 2 | 33 | 45 | 13 | 93 |
| Apache Knox | 7 | 23 | 46 | 15 | 91 |
| Apache Ranger | 2 | 36 | 38 | 12 | 88 |
| Apache Hive | 2 | 31 | 39 | 12 | 84 |
| Apache Livy 3 | 4 | 34 | 33 | 12 | 83 |
| Apache Druid | 3 | 30 | 28 | 7 | 68 |
| Apache Tez | 2 | 31 | 25 | 7 | 65 |
| Apache Kudu | 2 | 20 | 27 | 7 | 56 |
| Apache Kafka | 1 | 23 | 16 | 6 | 46 |
| Apache HBase | 2 | 13 | 24 | 5 | 44 |
| Cruise Control | 2 | 12 | 12 | 2 | 28 |
| Apache Flink | 1 | 11 | 11 | 5 | 28 |
| Apache Kafka 3 | 1 | 16 | 8 | 3 | 28 |
| Apache Ozone | 1 | 17 | 3 | 3 | 24 |
| Apache Pinot | 4 | 9 | 5 | 5 | 23 |
| Apache Sqoop | 3 | 10 | 6 | 2 | 21 |
| Trino | 2 | 7 | 3 | 3 | 15 |
| Apache ZooKeeper | 0 | 4 | 7 | 3 | 14 |
| Apache Hue | 1 | 2 | 3 | 3 | 9 |
| Cruise Control 3 | 0 | 2 | 4 | 3 | 9 |
Was this page helpful?