[ 
https://issues.apache.org/jira/browse/TOMEE-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]

Richard Zowalla reassigned TOMEE-4623:
--------------------------------------

    Fix Version/s: 11.0.0
         Assignee: Richard Zowalla
          Summary: Jackson 2.22.0  (was: Upgrade Jackson)

> Jackson 2.22.0
> --------------
>
>                 Key: TOMEE-4623
>                 URL: https://issues.apache.org/jira/browse/TOMEE-4623
>             Project: TomEE
>          Issue Type: Dependency upgrade
>          Components: TomEE Core Server
>            Reporter: RAJU THANNEERU
>            Assignee: Richard Zowalla
>            Priority: Major
>             Fix For: 10.1.6, 11.0.0
>
>
> |[CVE-2026-54512|https://nvd.nist.gov/vuln/detail/CVE-2026-54512]|8.1|high|fixed
>  in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54513|https://nvd.nist.gov/vuln/detail/CVE-2026-54513]|8.1|high|fixed
>  in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54514|https://nvd.nist.gov/vuln/detail/CVE-2026-54514]|5.3|medium|fixed
>  in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54515|https://nvd.nist.gov/vuln/detail/CVE-2026-54515]|5.3|medium|fixed
>  in 3.1.4, 2.21.5, 2.18.9|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54516|https://nvd.nist.gov/vuln/detail/CVE-2026-54516]|5.3|medium|fixed
>  in 3.1.4, 2.21.4|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54517|https://nvd.nist.gov/vuln/detail/CVE-2026-54517]|5.3|medium|fixed
>  in 3.1.4, 2.21.4|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54518|https://nvd.nist.gov/vuln/detail/CVE-2026-54518]|6.5|medium|fixed
>  in 2.21.4|2026-06-24 03:37:17 +0000 
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

Reply via email to