Details
-
Task
-
Status: Closed
-
Minor
-
Resolution: Fixed
-
8.11.2, 9.1
-
None
-
None
Description
Due to actual jackson-databind cve listing CVE-2022-42004 and CVE-2022-42003 the Libary should be updated.
https://nvd.nist.gov/vuln/detail/CVE-2022-42004
https://nvd.nist.gov/vuln/detail/CVE-2022-42003
Perhaps for version 9.1.0 as well as 8.11.2?
Best Regards
Attachments
Issue Links
- relates to
-
LOG4J2-3609 javac error when PluginProcessor (log4j-core jar) is in the classpath and annotation is not
- Open