Uploaded image for project: 'Cassandra'
  1. Cassandra
  2. CASSANDRA-15828

Remove jackson-mapper-asl-1.9.13 to address CVE

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Normal
    • Resolution: Fixed
    • None
    • None
    • None
    • All
    • Security

    Description

      Recent scan results identified the following CVE that require this upgrade to address

      https://nvd.nist.gov/vuln/detail/CVE-2019-10172

      Attachments

        Issue Links

          causes

          Bug - A problem which impairs or prevents the functions of the product. CASSANDRA-16056 Remove jackson-mapper-asl-1.9.13 to mitigate CVE-2019-10172

          • Normal -
          • Resolved
          is a clone of

          Improvement - An improvement or enhancement to an existing feature or task. CASSANDRA-15827 Upgrade to Jackson Databind 2.9.10.4 or later to address CVEs

          • Normal -
          • Triage Needed

          Activity

            People

              Unassigned Unassigned
              c3-keveker Kevin Eveker
              Votes:
              1 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: