[jira] [Commented] (TINKERPOP-2016) Upgrade Jackson FasterXML to 2.9.5 or later to fix security vulnerability

ASF GitHub Bot (JIRA) Thu, 02 Aug 2018 04:14:41 -0700


    [ 
https://issues.apache.org/jira/browse/TINKERPOP-2016?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=16566637#comment-16566637
 ]


ASF GitHub Bot commented on TINKERPOP-2016:
-------------------------------------------

Github user robertdale commented on the issue:

    https://github.com/apache/tinkerpop/pull/904
  
    @spmallette Thanks. 


> Upgrade Jackson FasterXML to 2.9.5 or later to fix security vulnerability
> -------------------------------------------------------------------------
>
>                 Key: TINKERPOP-2016
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2016
>             Project: TinkerPop
>          Issue Type: Bug
>    Affects Versions: 3.3.3, 3.2.9
>            Reporter: Luke Daugherty
>            Assignee: Robert Dale
>            Priority: Major
>              Labels: security
>
> The jackson libraries included in groovy-shaded-3.3.3 have a CVE reported 
> against them so the library is reported as High risk by vulnerability 
> scanners such as Nexus.
> *[CVE-2018-7489|http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7489]*



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

[jira] [Commented] (TINKERPOP-2016) Upgrade Jackson FasterXML to 2.9.5 or later to fix security vulnerability

Reply via email to