Uploaded image for project: 'Hadoop Common'
  1. Hadoop Common
  2. HADOOP-17094

vulnerabilities reported in jackson and jackson-databind in branch-2.10

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Resolved
    • Priority: Major
    • Resolution: Fixed
    • Affects Version/s: 2.10.0, 2.10.1
    • Fix Version/s: 2.10.1
    • Component/s: None
    • Labels:
      None
    • Target Version/s:
    • Hadoop Flags:
      Reviewed

      Description

      There are known vulnerabilities in the com.fasterxml.jackson.core:jackson-databind package [,2.9.10.5).

      List of vulnerabilities.

      Upgrading jackson and jackson-databind to 2.10 should get rid of those vulnerabilities.

        Attachments

        1. HADOOP-17094-branch-2.10.001.patch
          0.5 kB
          Ahmed Hussein

          Activity

            People

            • Assignee:
              ahussein Ahmed Hussein
              Reporter:
              ahussein Ahmed Hussein
            • Votes:
              0 Vote for this issue
              Watchers:
              4 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: