[Snyk] Security upgrade org.apache.cassandra:cassandra-all from 3.9 to 5.0.0

[sbarbeau-od]

Snyk has created this PR to fix 14 vulnerabilities in the maven dependencies of this project.

Snyk changed the following file(s):

• vendor/k8s.io/kubernetes/examples/storage/cassandra/java/pom.xml

Vulnerabilities that will be fixed with an upgrade:

	Issue	Score	Upgrade
	Arbitrary Code Execution SNYK-JAVA-ORGYAML-3152153	221	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade Proof of Concept
	Denial of Service (DoS) SNYK-JAVA-ORGYAML-2806360	114	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGYAML-6056527	114	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Cross-site Scripting (XSS) SNYK-JAVA-ORGHIBERNATE-569100	88	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Denial of Service (DoS) SNYK-JAVA-ORGYAML-537645	87	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade Proof of Concept
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016891	59	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade Proof of Concept
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016888	58	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade Proof of Concept
	Information Disclosure SNYK-JAVA-COMGOOGLEGUAVA-1015415	47	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade Proof of Concept
	JSM bypass via ReflectionHelper SNYK-JAVA-ORGHIBERNATE-30098	45	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Improper Input Validation SNYK-JAVA-ORGHIBERNATE-568162	45	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Information Exposure SNYK-JAVA-COMMONSCODEC-561518	40	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3016889	40	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Stack-based Buffer Overflow SNYK-JAVA-ORGYAML-3113851	40	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit
	Creation of Temporary File in Directory with Insecure Permissions SNYK-JAVA-COMGOOGLEGUAVA-5710356	30	org.apache.cassandra:cassandra-all: 3.9 -> 5.0.0 Major version upgrade No Known Exploit

---

Important

• Check the changes in this PR to ensure they won't cause issues with your project.
• Max score is 1000. Note that the real score may have changed since the PR was raised.
• This PR was automatically created by Snyk using the credentials of a real user.

---

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic

---

Learn how to fix vulnerabilities with free interactive lessons:

🦉 Creation of Temporary File in Directory with Insecure Permissions
🦉 Improper Input Validation
🦉 Cross-site Scripting (XSS)
🦉 More lessons are available in Snyk Learn