Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-4233

Upgrade johnzon-mapper to 1.2.21

Attach filesAttach ScreenshotBulk Copy AttachmentsBulk Move AttachmentsVotersWatch issueWatchersCreate sub-taskConvert to sub-taskLinkCloneLabelsUpdate Comment AuthorReplace String in CommentUpdate Comment Visibility
    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 8.0.15, 9.1.0
    • None
    • TomEE Core Server
    • None

    Description

      We have a new vulnerability on johnzon-mapper-1.2.20.jar and johnzon-mapper-1.2.20-jakarta.jar, see below link.

      https://nvd.nist.gov/vuln/detail/CVE-2023-33008

      Looks like this is already addressed in 1.2.21

      Attachments

        Issue Links

        is fixed by

        Dependency upgrade - Upgrading a dependency to a newer version TOMEE-4228 Johnzon 1.2.21

        • Major - Major loss of function.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            rzo1 Richard Zowalla
            rthannee RAJU THANNEERU
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment