[ https://issues.apache.org/jira/browse/ZOOKEEPER-4523?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Margarita Stoilova resolved ZOOKEEPER-4523. ------------------------------------------- Resolution: Fixed > Zookeeper - jackson-databind vulnerability > ------------------------------------------- > > Key: ZOOKEEPER-4523 > URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4523 > Project: ZooKeeper > Issue Type: Bug > Affects Versions: 3.8.0 > Reporter: Margarita Stoilova > Priority: Major > > Hello, > According to > [https://github.com/hapifhir/hapi-fhir/issues/3467|https://github.com/hapifhir/hapi-fhir/issues/3467] > and [https://github.com/advisories/GHSA-57j2-w4cx-62h2] all versions of > com.fasterxml.jackson.core:jackson-databind up to version 2.13.2 are > vulnerable to CVE-2020-36518. > Would it be possible to update the package in Zookeeper? -- This message was sent by Atlassian Jira (v8.20.10#820010)