[jira] [Commented] (TINKERPOP-2809) High severity security vulnerability found in jackson databind

Aaron Coady (Jira) Tue, 11 Oct 2022 05:56:52 -0700


    [ 
https://issues.apache.org/jira/browse/TINKERPOP-2809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17615762#comment-17615762
 ]


Aaron Coady commented on TINKERPOP-2809:
----------------------------------------

[~kenhuuu]

Thanks for the feedback, I will update the PRs. I think it may be best to wait 
for a full release of 2.14 as they have just moved to rc2.

 

> High severity security vulnerability found in jackson databind
> --------------------------------------------------------------
>
>                 Key: TINKERPOP-2809
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2809
>             Project: TinkerPop
>          Issue Type: Bug
>          Components: server
>    Affects Versions: 3.6.1
>            Reporter: Aaron Coady
>            Priority: Major
>
> Two High security vulnerabilities in jackson databind. Here are the two 
> links. 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42003]
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42004]
> Fixes are in 2.14.0



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TINKERPOP-2809) High severity security vulnerability found in jackson databind

Reply via email to