[ https://issues.apache.org/jira/browse/NIFI-9952?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Jason-Morries Adam updated NIFI-9952: ------------------------------------- Summary: Upgrade Jackson to 2.13.2.2 using BOM (was: Upgrade Jackson to 2.13.2.2 using POM) > Upgrade Jackson to 2.13.2.2 using BOM > ------------------------------------- > > Key: NIFI-9952 > URL: https://issues.apache.org/jira/browse/NIFI-9952 > Project: Apache NiFi > Issue Type: Bug > Reporter: Jason-Morries Adam > Assignee: David Handermann > Priority: Major > Fix For: 1.17.0, 1.16.1 > > Time Spent: 50m > Remaining Estimate: 0h > > Jackson should be upgraded to 2.13.2.2 due to the following CVE: > [CVE-2020-36518|https://github.com/advisories/GHSA-57j2-w4cx-62h2] > (Link: https://github.com/advisories/GHSA-57j2-w4cx-62h2) > > You can find the newest versions of jackson at > https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind -- This message was sent by Atlassian Jira (v8.20.7#820007)