Uploaded image for project: 'Struts 2'
  1. Struts 2
  2. WW-5038

Upgrade jackson-databind to version 2.9.9.3

    XMLWordPrintableJSON

Details

    • Dependency
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • None
    • 2.5.22, 6.0.0
    • Plugin - REST
    • None

    Description

      One or more dependencies were identified with known vulnerabilities in Struts 2 REST Plugin:

      jackson-databind-2.9.8.jar (cpe:/a:fasterxml:jackson:2.9.8, cpe:/a:fasterxml:jackson-databind:2.9.8, com.fasterxml.jackson.core:jackson-databind:2.9.8) : CVE-2019-14379, CVE-2019-12814, CVE-2019-14439, CVE-2019-12086, CVE-2019-12384

      Attachments

        Issue Links

          is superceded by

          Dependency - Issue is dependent on ... WW-5042 Upgrade jackson-databind to version 2.10.0

          • Minor - Minor loss of function, or other problem where easy workaround is present.
          • Closed
          links to

          Web Link GitHub Pull Request #365

          Activity

            People

              lukaszlenart Lukasz Lenart
              lukaszlenart Lukasz Lenart
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: