Description
org.codehaus.jackson brings in some vulnerabilities:
[INFO] | +- org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile [INFO] | | +- org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile [INFO] | | | +- org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile [INFO] | | | | +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile [INFO] | | | | | +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile [INFO] | | | | | | +- javax.xml.bind:jaxb-api:jar:2.2.7:compile [INFO] | | | | | | \- com.sun.istack:istack-commons-runtime:jar:2.16:compile [INFO] | | | | | \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile [INFO] | | | | | \- javax.xml.bind:jsr173_api:jar:1.0:compile [INFO] | | | | \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile [INFO] | | | +- org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile [INFO] | | | | +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile [INFO] | | | | +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile [INFO] | | | | +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile [INFO] | | | | \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
Please upgrade to 3.1.3Final if feasible:
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jaxb-provider</artifactId>
<version>3.1.3.Final</version>
</dependency>
<dependency>
<groupId>org.jboss.resteasy</groupId>
<artifactId>resteasy-jackson-provider</artifactId>
<version>3.1.3.Final</version>
</dependency>
Attachments
Attachments
Issue Links
- Is contained by
-
CAUSEWAY-1779 Transition to JAX-RS 2.0 Client API
-
- Closed
-
- relates to
-
-
- Closed
-