[ https://issues.apache.org/jira/browse/ATLAS-2671?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Apoorv Naik updated ATLAS-2671: ------------------------------- Attachment: 0001-CVE-Jackson-and-Lucene-dependency-upgrade.patch 0002-CVE-Spring-upgrades.patch > Version upgrade to mitigate CVE > ------------------------------- > > Key: ATLAS-2671 > URL: https://issues.apache.org/jira/browse/ATLAS-2671 > Project: Atlas > Issue Type: Improvement > Reporter: Apoorv Naik > Assignee: Apoorv Naik > Priority: Major > Fix For: 1.0.0 > > Attachments: 0001-CVE-Jackson-and-Lucene-dependency-upgrade.patch, > 0002-CVE-Spring-upgrades.patch > > > Spring and Jackson have certain CVEs related to remote code execution. > Upgrading the versions would resolve this vulnerability. -- This message was sent by Atlassian JIRA (v7.6.3#76005)