[PARQUET-1895] Update jackson-databind - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Task
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: 1.11.0
Fix Version/s: 1.12.0
Component/s: parquet-mr
Labels:
None

Description

The jackson databind 2.9.10.4 has the following CVEs:

https://nvd.nist.gov/vuln/detail/CVE-2020-14060
https://nvd.nist.gov/vuln/detail/CVE-2020-14061
https://nvd.nist.gov/vuln/detail/CVE-2020-14062
https://nvd.nist.gov/vuln/detail/CVE-2020-14195

They should be resolved if we update to 2.9.10.5

Attachments

Activity

People

Assignee:: Gabor Szadovszky

Reporter:: Patrick OFriel

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 06/Aug/20 20:27

Updated:: 13/Oct/20 09:49

Resolved:: 13/Oct/20 08:31