[
https://issues.apache.org/jira/browse/TOMEE-4623?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Richard Zowalla closed TOMEE-4623.
----------------------------------
Resolution: Fixed
> Jackson 2.22.0
> --------------
>
> Key: TOMEE-4623
> URL: https://issues.apache.org/jira/browse/TOMEE-4623
> Project: TomEE
> Issue Type: Dependency upgrade
> Components: TomEE Core Server
> Reporter: RAJU THANNEERU
> Assignee: Richard Zowalla
> Priority: Major
> Fix For: 10.1.6, 11.0.0
>
>
> |[CVE-2026-54512|https://nvd.nist.gov/vuln/detail/CVE-2026-54512]|8.1|high|fixed
> in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54513|https://nvd.nist.gov/vuln/detail/CVE-2026-54513]|8.1|high|fixed
> in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54514|https://nvd.nist.gov/vuln/detail/CVE-2026-54514]|5.3|medium|fixed
> in 3.1.4, 2.21.4, 2.18.8|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54515|https://nvd.nist.gov/vuln/detail/CVE-2026-54515]|5.3|medium|fixed
> in 3.1.4, 2.21.5, 2.18.9|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54516|https://nvd.nist.gov/vuln/detail/CVE-2026-54516]|5.3|medium|fixed
> in 3.1.4, 2.21.4|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54517|https://nvd.nist.gov/vuln/detail/CVE-2026-54517]|5.3|medium|fixed
> in 3.1.4, 2.21.4|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
> |[CVE-2026-54518|https://nvd.nist.gov/vuln/detail/CVE-2026-54518]|6.5|medium|fixed
> in 2.21.4|2026-06-24 03:37:17 +0000
> UTC|/usr/local/tomee/lib/jackson-databind-2.21.2.jar|
--
This message was sent by Atlassian Jira
(v8.20.10#820010)