Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-15328

Bump jackson version to >= 2.9.9.3 to address security vulnerabilities

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Triage Needed
    • Normal
    • Resolution: Unresolved
    • None
    • Build
    • None
    • All
    • None

    Description

      Bump jackson version to >= 2.9.9.3 to address security vulnerabilities

      CVE-2019-12086  jackson-databind Medium https://nvd.nist.gov/vuln/detail/CVE-2019-12086          
      CVE-2019-12384  jackson-databind  Medium      https://nvd.nist.gov/vuln/detail/CVE-2019-12384          
      CVE-2019-12814          jackson-databind  Medium https://nvd.nist.gov/vuln/detail/CVE-2019-12814          
      CVE-2019-14439    jackson-databind  High
      https://nvd.nist.gov/vuln/detail/CVE-2019-14439

      Last jackson-databind bumped to 2.9.5 in 4.0 with CASSANDRA-14427

      Jackson 2.9 release notes:

      https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.9

      Attachments

        Activity

          People

            Unassigned Unassigned
            vanessa.haro Vanessa Haro
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated: