[
https://issues.apache.org/jira/browse/BEAM-7880?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ismaël Mejía updated BEAM-7880:
-------------------------------
Description:
Jackson 2.9.9 and earlier versions have multiple CVEs:
https://www.cvedetails.com/cve/CVE-2019-12814
https://www.cvedetails.com/cve/CVE-2019-12384
was:
Jackson 2.10.0.pr1 fixes two medium-rating security issues:
https://www.cvedetails.com/cve/CVE-2019-12814
https://www.cvedetails.com/cve/CVE-2019-12384
> Upgrade Jackson databind to version 2.9.9.2
> -------------------------------------------
>
> Key: BEAM-7880
> URL: https://issues.apache.org/jira/browse/BEAM-7880
> Project: Beam
> Issue Type: Improvement
> Components: build-system, sdk-java-core
> Reporter: Ismaël Mejía
> Assignee: Ismaël Mejía
> Priority: Blocker
> Fix For: 2.15.0
>
> Time Spent: 40m
> Remaining Estimate: 0h
>
> Jackson 2.9.9 and earlier versions have multiple CVEs:
> https://www.cvedetails.com/cve/CVE-2019-12814
> https://www.cvedetails.com/cve/CVE-2019-12384
--
This message was sent by Atlassian JIRA
(v7.6.14#76016)
