Uploaded image for project: 'TinkerPop'
  1. TinkerPop
  2. TINKERPOP-2809

High severity security vulnerability found in jackson databind

VotersStop watchingWatchersLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Closed
    • Major
    • Resolution: Fixed
    • 3.6.1
    • 3.7.0, 3.6.2, 3.5.5
    • server
    • None

    Description

      Two High security vulnerabilities in jackson databind. Here are the two links. 
      https://nvd.nist.gov/vuln/detail/CVE-2022-42003
      https://nvd.nist.gov/vuln/detail/CVE-2022-42004
      Fixes are in 2.14.0

      Attachments

        Activity

          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            spmallette Stephen Mallette
            acoady Aaron Coady
            Votes:
            0 Vote for this issue
            Watchers:
            5 Stop watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment