Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-2223

Update jackson databind to 2.9.9

VotersWatch issueWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

    Details

    • Type: Improvement
    • Status: Closed
    • Priority: Minor
    • Resolution: Fixed
    • Affects Version/s: 3.3.6, 3.4.1
    • Fix Version/s: 3.3.8, 3.4.3, 3.5.0
    • Component/s: io
    • Labels:
      None

      Description

      https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736

      Upgrade com.fasterxml.jackson.core:jackson-databind to version 2.9.9 or higher.

      Security vulnerability is specific to having mysql jars on the classpath. Does not affect us directly. Low priority, let's put it on the roadmap.

        Attachments

          Activity

            People

            • Assignee:
              spmallette Stephen Mallette
              Reporter:
              rdale Robert Dale

              Dates

              • Created:
                Updated:
                Resolved:

                Issue deployment