[FLINK-29631] [CVE-2022-42003] flink-shaded-jackson - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Closed
Priority: Major
Resolution: Fixed
Affects Version/s: shaded-16.0
Fix Version/s: shaded-17.0
Component/s: BuildSystem / Shaded
Labels:
- pull-request-available

Description

flink-shaded-jackson vulnerable to 7.5 (high) https://nvd.nist.gov/vuln/detail/CVE-2022-42003

Ref:

https://nvd.nist.gov/vuln/detail/CVE-2022-42003

https://repo1.maven.org/maven2/org/apache/flink/flink-shaded/16.0/flink-shaded-16.0.pom

https://mvnrepository.com/artifact/org.apache.flink/flink-shaded-jackson-parent/2.13.4-16.0

https://repo1.maven.org/maven2/org/apache/flink/flink-shaded-jackson/2.13.4-16.0/flink-shaded-jackson-2.13.4-16.0.pom

Attachments

Issue Links

links to

GitHub Pull Request #113

Activity

People

Assignee:: Sergey Nuyanzin

Reporter:: Sergio Sainz

Votes:: 0 Vote for this issue

Watchers:: 2 Start watching this issue

Dates

Created:: 13/Oct/22 16:52

Updated:: 20/Oct/22 10:03

Resolved:: 20/Oct/22 10:03