[jira] [Created] (HIVE-26391) [CVE-2020-36518] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1 to fix the vulnerability.

Aman Raj (Jira) Wed, 13 Jul 2022 23:29:08 -0700

Aman Raj created HIVE-26391:
-------------------------------

             Summary: [CVE-2020-36518] Upgrade 
com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1 to fix the 
vulnerability.
                 Key: HIVE-26391
                 URL: https://issues.apache.org/jira/browse/HIVE-26391
             Project: Hive
          Issue Type: Bug
          Components: Hive
            Reporter: Aman Raj



jackson-databind is a data-binding package for the Jackson Data Processor. 
jackson-databind allows a Java stack overflow exception and denial of service 
via a large depth of nested objects.

Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1 to 
fix the vulnerability.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (HIVE-26391) [CVE-2020-36518] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.13.0 to 2.13.2.1 to fix the vulnerability.

Reply via email to