Uploaded image for project: 'Flink'
  1. Flink
  2. FLINK-21020

Bump Jackson to 2.10.5[.1] / 2.12.1

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

      Description

      Our current Jackson version (2.10.1) is vulnerable for at least this CVE:
      https://nvd.nist.gov/vuln/detail/CVE-2020-25649

      Bump it to 2.10.5.1+ should address this issue.

        Attachments

        Issue Links

          Activity

            People

            • Assignee:
              hxbks2ks Huang Xingbo
              Reporter:
              dian.fu Dian Fu

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment