[
https://issues.apache.org/jira/browse/CASSANDRA-15828?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17178989#comment-17178989
]
Kevin Eveker commented on CASSANDRA-15828:
------------------------------------------
[~mdenihan] we will upgrade to the latest version 3.11.7, can you confirm that
org.codehaus.jackson:jackson-mapper-asl:1.9.2 has been removed from the
distribution and will thus no longer show up in scans?
> Remove jackson-mapper-asl-1.9.13 to address CVE
> -----------------------------------------------
>
> Key: CASSANDRA-15828
> URL: https://issues.apache.org/jira/browse/CASSANDRA-15828
> Project: Cassandra
> Issue Type: Improvement
> Reporter: Kevin Eveker
> Priority: Normal
>
> Recent scan results identified the following CVE that require this upgrade to
> address
> [https://nvd.nist.gov/vuln/detail/CVE-2019-10172]
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
