Uploaded image for project: 'Apache Arrow'
  1. Apache Arrow
  2. ARROW-1242

[Java] security - upgrade Jackson to mitigate 3 CVE vulnerabilities

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 0.4.1
    • Fix Version/s: 0.6.0
    • Component/s: Java
    • Labels:
      None

      Description

      please consider upgrading jackson to mitigate its various vulnerabilities in 2.7.1:
      https://cve.mitre.org/cgi-bin/cvekey.cgi?keyword=jackson

      see also
      https://github.com/FasterXML/jackson-databind/issues/1599

        Attachments

          Activity

            People

            • Assignee:
              mdarwin Matt Darwin
              Reporter:
              mdarwin Matt Darwin
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: