[jira] [Updated] (BEAM-7880) Upgrade Jackson databind to version 2.9.9.2


     [ 
https://issues.apache.org/jira/browse/BEAM-7880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


Ismaël Mejía updated BEAM-7880:
-------------------------------
    Description: 
Jackson databind 2.9.9 and earlier versions have multiple CVEs:

https://www.cvedetails.com/cve/CVE-2019-12814
https://www.cvedetails.com/cve/CVE-2019-12384
https://www.cvedetails.com/cve/CVE-2019-14379
https://www.cvedetails.com/cve/CVE-2019-14439

  was:
Jackson Databind 2.9.9 and earlier versions have multiple CVEs:

https://www.cvedetails.com/cve/CVE-2019-12814
https://www.cvedetails.com/cve/CVE-2019-12384
https://www.cvedetails.com/cve/CVE-2019-14379
https://www.cvedetails.com/cve/CVE-2019-14439


> Upgrade Jackson databind to version 2.9.9.2
> -------------------------------------------
>
>                 Key: BEAM-7880
>                 URL: https://issues.apache.org/jira/browse/BEAM-7880
>             Project: Beam
>          Issue Type: Improvement
>          Components: build-system, sdk-java-core
>            Reporter: Ismaël Mejía
>            Assignee: Ismaël Mejía
>            Priority: Blocker
>             Fix For: 2.15.0
>
>          Time Spent: 50m
>  Remaining Estimate: 0h
>
> Jackson databind 2.9.9 and earlier versions have multiple CVEs:
> https://www.cvedetails.com/cve/CVE-2019-12814
> https://www.cvedetails.com/cve/CVE-2019-12384
> https://www.cvedetails.com/cve/CVE-2019-14379
> https://www.cvedetails.com/cve/CVE-2019-14439



--
This message was sent by Atlassian JIRA
(v7.6.14#76016)

[jira] [Updated] (BEAM-7880) Upgrade Jackson databind to version 2.9.9.2

Reply via email to