[jira] [Closed] (SLING-9585) Update Jackson DataBind

Robert Munteanu (Jira) Fri, 18 Mar 2022 08:08:45 -0700


     [ 
https://issues.apache.org/jira/browse/SLING-9585?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Robert Munteanu closed SLING-9585.
----------------------------------

> Update Jackson DataBind
> -----------------------
>
>                 Key: SLING-9585
>                 URL: https://issues.apache.org/jira/browse/SLING-9585
>             Project: Sling
>          Issue Type: Improvement
>          Components: Starter
>    Affects Versions: Starter 11
>            Reporter: Dan Klco
>            Assignee: Dan Klco
>            Priority: Major
>             Fix For: Starter 12
>
>
> The current version of Jackson DataBind packaged in Sling Starter 11 has a 
> number of known vulnerabilities and should be updated. This includes critical 
> vulnerabilities such as:
> CVE-2019-17267
> CVE-2019-17531
> CVE-2019-14540
> CVE-2019-16335
> The recommendation is to upgrade to 2.9.10.5.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Closed] (SLING-9585) Update Jackson DataBind

Reply via email to