VYPR

Maven package

org.apache.heron/heron-api

pkg:maven/org.apache.heron/heron-api

Vulnerabilities (1)

  • CVE-2021-42010Oct 24, 2022
    affected < 0.20.5-incubatingfixed 0.20.5-incubating

    Heron versions <= 0.20.4-incubating allows CRLF log injection because of the lack of escaping in the log statements. Please update to version 0.20.5-incubating which addresses this issue.