You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@cassandra.apache.org by "Brandon Williams (Jira)" <ji...@apache.org> on 2022/10/17 14:56:00 UTC

[jira] [Created] (CASSANDRA-17966) jackson-databind vulnerability CVE-2022-42003 CVE-2022-42004

Brandon Williams created CASSANDRA-17966:
--------------------------------------------

             Summary: jackson-databind vulnerability CVE-2022-42003 CVE-2022-42004
                 Key: CASSANDRA-17966
                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17966
             Project: Cassandra
          Issue Type: Bug
            Reporter: Brandon Williams


As the summary says, jackson-databind 2.13.2.2 which was upgraded for a vulnerability in CASSANDRA-17556 is vulnerable again.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@cassandra.apache.org
For additional commands, e-mail: commits-help@cassandra.apache.org