[jira] [Commented] (CASSANDRA-17460) Upgrade jackson-databind for CVE-2020-36518

Tue, 22 Mar 2022 01:01:07 -0700 


    [ 
https://issues.apache.org/jira/browse/CASSANDRA-17460?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17510305#comment-17510305
 ] 

Berenguer Blasi commented on CASSANDRA-17460:
---------------------------------------------

LGTM +1

> Upgrade jackson-databind for CVE-2020-36518
> -------------------------------------------
>
>                 Key: CASSANDRA-17460
>                 URL: https://issues.apache.org/jira/browse/CASSANDRA-17460
>             Project: Cassandra
>          Issue Type: Sub-task
>          Components: Build
>            Reporter: Brandon Williams
>            Assignee: Brandon Williams
>            Priority: Normal
>             Fix For: 4.0.x, 4.x
>
>
> jackson-databind-2.12.5.jar is vulnerable and should be upgraded.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to