Details
-
Dependency upgrade
-
Status: Resolved
-
Major
-
Resolution: Duplicate
-
8.0.15, 9.1.0
-
None
-
None
Description
We have a new vulnerability on johnzon-mapper-1.2.20.jar and johnzon-mapper-1.2.20-jakarta.jar, see below link.
https://nvd.nist.gov/vuln/detail/CVE-2023-33008
Looks like this is already addressed in 1.2.21
Attachments
Issue Links
- is fixed by
-
TOMEE-4228 Johnzon 1.2.21
- Closed