[jira] [Created] (PARQUET-2127) Security risk in latest parquet-jackson-1.12.2.jar

phoebe chen (Jira) Thu, 17 Feb 2022 12:32:19 -0800

phoebe chen created PARQUET-2127:
------------------------------------

             Summary: Security risk in latest parquet-jackson-1.12.2.jar
                 Key: PARQUET-2127
                 URL: https://issues.apache.org/jira/browse/PARQUET-2127
             Project: Parquet
          Issue Type: Improvement
            Reporter: phoebe chen



Embed jackson-databind:2.11.4 has security risk of Possible DoS if using JDK 
serialization to serialize JsonNode 
([https://github.com/FasterXML/jackson-databind/issues/3328] ), upgrade to 
2.13.1 can fix this.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Created] (PARQUET-2127) Security risk in latest parquet-jackson-1.12.2.jar

Reply via email to