Uploaded image for project: 'Parquet'
  1. Parquet
  2. PARQUET-2127

Security risk in latest parquet-jackson-1.12.2.jar

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Resolved
    • Major
    • Resolution: Fixed
    • None
    • 1.12.3
    • None
    • None

    Description

      Embed jackson-databind:2.11.4 has security risk of Possible DoS if using JDK serialization to serialize JsonNode (https://github.com/FasterXML/jackson-databind/issues/3328 ), upgrade to 2.13.1 can fix this.

      Attachments

        Issue Links

          is depended upon by

          Task - A task that needs to be done. PARQUET-2145 Release 1.12.3

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              phoebemaomao phoebe chen
              Votes:
              3 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: