[jira] [Commented] (TINKERPOP-2809) High severity security vulnerability found in jackson databind

Stephen Mallette (Jira) Tue, 11 Oct 2022 05:58:55 -0700


    [ 
https://issues.apache.org/jira/browse/TINKERPOP-2809?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17615763#comment-17615763
 ]


Stephen Mallette commented on TINKERPOP-2809:
---------------------------------------------

+1 to wait for a full release and to avoid the rc

> High severity security vulnerability found in jackson databind
> --------------------------------------------------------------
>
>                 Key: TINKERPOP-2809
>                 URL: https://issues.apache.org/jira/browse/TINKERPOP-2809
>             Project: TinkerPop
>          Issue Type: Bug
>          Components: server
>    Affects Versions: 3.6.1
>            Reporter: Aaron Coady
>            Priority: Major
>
> Two High security vulnerabilities in jackson databind. Here are the two 
> links. 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42003]
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42004]
> Fixes are in 2.14.0



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (TINKERPOP-2809) High severity security vulnerability found in jackson databind

Reply via email to