Uploaded image for project: 'Tika'
  1. Tika
  2. TIKA-4183

Update jackson-databind jar to 2.16.0 or higher (CVE-2023-35116)

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Duplicate
    • 2.9.1
    • None
    • None
    • None

    Description

      Latest stable tika version 2.9.1 (in tika eval app) still has jackson-databind-2.15.2.

      It needs to be updated to 2.16.0 or higher to address https://nvd.nist.gov/vuln/detail/CVE-2023-35116

      Attachments

        Issue Links

          Activity

            People

              Unassigned Unassigned
              dpramod Dhoka Pramod
              Votes:
              0 Vote for this issue
              Watchers:
              3 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: