Jet uses `parquet-jackson` in version `1.12.3` which shades `com.fasterxml.jackson.core:jackson-databind:2.13.2.2` which includes following vulnerabilities: - CVE-2022-42003 - https://nvd.nist.gov/vuln/detail/CVE-2022-42003 - CVE-2022-42004 - https://nvd.nist.gov/vuln/detail/CVE-2022-42004 It's the same as https://github.com/hazelcast/hazelcast/issues/22407#issuecomment-1268404278
Jet uses
parquet-jacksonin version1.12.3which shadescom.fasterxml.jackson.core:jackson-databind:2.13.2.2which includes following vulnerabilities:It's the same as hazelcast/hazelcast#22407 (comment)