1. A concise explanation of the problem you're experiencing.
We scanned 1.36 version of cesium using Black Duck software and it has Cloudera CDH
Description - Impala in CDH 5.2.0 through 5.7.2 and 5.8.0 allows remote attackers to bypass Setry authorization. 2017-04-14T15:42:15.643Z 2017-04-14T16:43:04.983Z - Vulnerability id #CVE-2016-6605
2. A minimal code example. If you've found a bug, this helps us reproduce and repair it.
Can we upgrade the Cloudera CDH to higher version?
I’m not a Cesium developer, but… how does this have anything to do with Cesium? Cesium is a Javascript 3D globe library. Cloudera CDH appears to be… some kind of “Big Data” server tool that uses Apache Hadoop or something. A search of the Cesium repo for the word “cloudera” turns up exactly 0 hits in either the code or the issues.
As far as I can tell, Cloudera is completely unrelated to Cesium, and this request is meaningless.
What “scan” did you actually run, how did you run it, and what did it supposedly find?