Details

      Description

      org.codehaus.jackson brings in some vulnerabilities:

      [INFO] |  +- org.apache.isis.core:isis-core-viewer-restfulobjects-server:jar:1.14.0:compile
      [INFO] |  |  +- org.apache.isis.core:isis-core-viewer-restfulobjects-rendering:jar:1.14.0:compile
      [INFO] |  |  |  +- org.jboss.resteasy:resteasy-jaxb-provider:jar:3.0.14.Final:compile
      [INFO] |  |  |  |  +- com.sun.xml.bind:jaxb-impl:jar:2.2.7:compile
      [INFO] |  |  |  |  |  +- com.sun.xml.bind:jaxb-core:jar:2.2.7:compile
      [INFO] |  |  |  |  |  |  +- javax.xml.bind:jaxb-api:jar:2.2.7:compile
      [INFO] |  |  |  |  |  |  \- com.sun.istack:istack-commons-runtime:jar:2.16:compile
      [INFO] |  |  |  |  |  \- com.sun.xml.fastinfoset:FastInfoset:jar:1.2.12:compile
      [INFO] |  |  |  |  |     \- javax.xml.bind:jsr173_api:jar:1.0:compile
      [INFO] |  |  |  |  \- org.jboss.logging:jboss-logging:jar:3.1.4.GA:compile
      [INFO] |  |  |  +- org.jboss.resteasy:resteasy-jackson-provider:jar:3.0.14.Final:compile
      [INFO] |  |  |  |  +- org.codehaus.jackson:jackson-core-asl:jar:1.9.12:compile
      [INFO] |  |  |  |  +- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.12:compile
      [INFO] |  |  |  |  +- org.codehaus.jackson:jackson-jaxrs:jar:1.9.12:compile
      [INFO] |  |  |  |  \- org.codehaus.jackson:jackson-xc:jar:1.9.12:compile
      

      Please upgrade to 3.1.3Final if feasible:

      <dependency>
          <groupId>org.jboss.resteasy</groupId>
          <artifactId>resteasy-jaxb-provider</artifactId>
          <version>3.1.3.Final</version>
      </dependency>
      <dependency>
          <groupId>org.jboss.resteasy</groupId>
          <artifactId>resteasy-jackson-provider</artifactId>
          <version>3.1.3.Final</version>
      </dependency>
      
      

        Attachments

          Issue Links

            Activity

              People

              • Assignee:
                hobrom Andi Huber
                Reporter:
                joerg.rade Jörg Rade
              • Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                • Created:
                  Updated:
                  Resolved: