[TINKERPOP-2260] Update jackson databind 2.9.9.1 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.7, 3.4.2
Fix Version/s: 3.3.8, 3.4.3, 3.5.0
Component/s: io
Labels:
None

Description

Vulnerable to deserialization of untrusted data with logback-core or jdom on the classpath.
Upgrade to 2.9.9.1 or higher.

Attachments

Activity

People

Assignee:

Robert Dale

Reporter:

Robert Dale

Votes:

0 Vote for this issue

Watchers:

1 Start watching this issue

Dates

Created:

10/Jul/19 11:59

Updated:

05/Aug/19 10:53

Resolved:

05/Aug/19 10:53