[ https://issues.apache.org/jira/browse/TINKERPOP-2016?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Luke Daugherty updated TINKERPOP-2016: -------------------------------------- Description: The jackson libraries included in groovy-shaded-3.3.3 have a CVE reported against them so the library is reported as High risk by vulnerability scanners such as Nexus. *[CVE-2018-7489|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7489]* was: The jackson libraries included in groovy-shaded-3.3.3 have a CVE reported against so the library is reported as High risk by vulnerability scanners. such as Nexus. *[CVE-2018-7489|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7489]* > Upgrade Jackson FasterXML to 2.9.5 or later to fix security vulnerability > ------------------------------------------------------------------------- > > Key: TINKERPOP-2016 > URL: https://issues.apache.org/jira/browse/TINKERPOP-2016 > Project: TinkerPop > Issue Type: Bug > Affects Versions: 3.3.3 > Reporter: Luke Daugherty > Priority: Major > > The jackson libraries included in groovy-shaded-3.3.3 have a CVE reported > against them so the library is reported as High risk by vulnerability > scanners such as Nexus. > *[CVE-2018-7489|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7489]* -- This message was sent by Atlassian JIRA (v7.6.3#76005)