Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-2275

Update jackson databind 2.9.9.3+

    XMLWordPrintableJSON

Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 3.3.7, 3.4.2
    • 3.3.9, 3.4.4
    • io

    Description

       

      Fixes more gadget vulnerabilities with ehcache and logback in the classpath. 

      https://app.snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617

       

      Note that the fix is in 2.9.9.2. However, that version broke things. Waiting for 2.9.9.3 to be released.  https://github.com/FasterXML/jackson-databind/issues/2395

       

      TinkerPop is not directly affected hence low priority (let alone that the fix isn't even available).

       

      Attachments

        Activity

          People

            rdale Robert Dale
            rdale Robert Dale
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: