Skip to content

[Backport 2.19-dev] Support full expression in WHERE clauses (#3849)#3904

Merged
penghuo merged 1 commit into
opensearch-project:2.19-devfrom
LantaoJin:backport/backport-3849-to-2.19-dev
Jul 22, 2025
Merged

[Backport 2.19-dev] Support full expression in WHERE clauses (#3849)#3904
penghuo merged 1 commit into
opensearch-project:2.19-devfrom
LantaoJin:backport/backport-3849-to-2.19-dev

Support full expression in WHERE clauses (#3849)

4b6038f
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / WhiteSource Security Check failed Jul 22, 2025 in 6m 54s

Security Report

2 new vulnerabilities were introduced in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Suggested Fix Issue
CVE-2025-48924

Path to dependency file: /core/build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.4/16313e02a793435009f1e458fa4af5d879f6fb11/commons-lang-2.4.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/commons-lang/commons-lang/2.4/16313e02a793435009f1e458fa4af5d879f6fb11/commons-lang-2.4.jar

Dependency Hierarchy:

-> calcite-testkit-1.38.0.jar (Root Library)

   -> calcite-core-1.38.0.jar

     -> aggdesigner-algorithm-6.0.jar

       -> ❌ commons-lang-2.4.jar (Vulnerable Library)

Medium 5.3 commons-lang-2.4.jar Upgrade to version: org.apache.commons:commons-lang3:3.18.0 None
CVE-2025-48924

Path to dependency file: /legacy/build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar,/tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/org.apache.commons/commons-lang3/3.13.0/b7263237aa89c1f99b327197c41d0669707a462e/commons-lang3-3.13.0.jar

Dependency Hierarchy:

-> ❌ commons-lang3-3.13.0.jar (Vulnerable Library)

Medium 5.3 commons-lang3-3.13.0.jar Upgrade to version: org.apache.commons:commons-lang3:3.18.0 None

Base branch total remaining vulnerabilities: 0
Base branch commit: 0a07684a3dae7be069b628ae666efaf667295f48


Total libraries scanned: 256

Scan token: dc6915174aed489e8a3e60b73ae130cb