Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-3860

Upgrade jackson-databind for CVE-2020-36518

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Critical
    • Resolution: Duplicate
    • 8.0.10
    • 8.0.11
    • None

    Description

      jackson-databind-2.13.0-rc2.jar is vulnerable and should be upgraded.

      https://nvd.nist.gov/vuln/detail/CVE-2020-36518

       

       

      Attachments

        Issue Links

          duplicates

          Dependency upgrade - Upgrading a dependency to a newer version TOMEE-3856 Upgrade to jackson 2.13.2

          • Major - Major loss of function.
          • Resolved
          is related to

          Dependency upgrade - Upgrading a dependency to a newer version TOMEE-3893 Upgrade to jackson 2.13.2.2

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              9177012889 Yugandher reddy vonteddu
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: