You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tinkerpop.apache.org by "Robert Dale (JIRA)" <ji...@apache.org> on 2018/10/25 13:18:00 UTC
[jira] [Updated] (TINKERPOP-2068) Bump Jackson Databind 2.9.7
[ https://issues.apache.org/jira/browse/TINKERPOP-2068?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Robert Dale updated TINKERPOP-2068:
-----------------------------------
Description:
Jackson Databind vulnerability flagged by:
* https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451
* [https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449]
* [https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450]
* https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448
Jackson Databind Release Notes: [https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7]
was:Jackson Databind vulnerabily: https://cwe.mitre.org/data/definitions/502.html
> Bump Jackson Databind 2.9.7
> ---------------------------
>
> Key: TINKERPOP-2068
> URL: https://issues.apache.org/jira/browse/TINKERPOP-2068
> Project: TinkerPop
> Issue Type: Improvement
> Components: io
> Affects Versions: 3.3.4, 3.2.10
> Reporter: Robert Dale
> Assignee: Robert Dale
> Priority: Major
> Labels: security
>
> Jackson Databind vulnerability flagged by:
> * https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451
> * [https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449]
> * [https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450]
> * https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448
> Jackson Databind Release Notes: [https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9.7]
>
--
This message was sent by Atlassian JIRA
(v7.6.3#76005)