[jira] [Created] (CURATOR-683) Update dependencies: com.fasterxml.jackson.core

Slavik (Jira) Wed, 02 Aug 2023 08:51:06 -0700

Slavik created CURATOR-683:
------------------------------

             Summary: Update dependencies: com.fasterxml.jackson.core
                 Key: CURATOR-683
                 URL: https://issues.apache.org/jira/browse/CURATOR-683
             Project: Apache Curator
          Issue Type: Task
    Affects Versions: 5.5.0
            Reporter: Slavik
            Assignee: Enrico Olivelli



There are 2 com.fasterxml.jackson.core dependencies:
 * jackson-core
 * 
jackson-databind

Both are at version 2.10.0

These dependencies bring CVEs:
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42004] (resource 
exhaustion)
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-42003] (resource 
exhaustion)
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-46877] (denial of 
service)
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518] (denial of 
service)
 * [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25649] (data 
integrity)

 



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (CURATOR-683) Update dependencies: com.fasterxml.jackson.core

Reply via email to