Dan Klco created SLING-9585:
-------------------------------
Summary: Update Jackson DataBind
Key: SLING-9585
URL: https://issues.apache.org/jira/browse/SLING-9585
Project: Sling
Issue Type: Improvement
Components: Starter
Affects Versions: Starter 11
Reporter: Dan Klco
Assignee: Dan Klco
Fix For: Starter 12
The current version of Jackson DataBind packaged in Sling Starter 11 has a
number of known vulnerabilities and should be updated. This includes critical
vulnerabilities such as:
CVE-2019-17267
CVE-2019-17531
CVE-2019-14540
CVE-2019-16335
The recommendation is to upgrade to 2.9.10.5.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
