[jira] [Commented] (CXF-8832) Update jettison jar to 1.5.4 or above to fix CVE-2023-1436

Andriy Redko (Jira) Mon, 03 Apr 2023 06:10:04 -0700


    [ 
https://issues.apache.org/jira/browse/CXF-8832?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17707963#comment-17707963
 ]


Andriy Redko commented on CXF-8832:
-----------------------------------

jettison had been updated already for all maintenance branches

> Update jettison jar to 1.5.4 or above to fix CVE-2023-1436
> ----------------------------------------------------------
>
>                 Key: CXF-8832
>                 URL: https://issues.apache.org/jira/browse/CXF-8832
>             Project: CXF
>          Issue Type: Bug
>            Reporter: Dhoka Pramod
>            Priority: Critical
>
> CVE-2023-1436 needs to be fixed in upcoming versions of cxf by updating 
> jettison jar to 1.5.4 or above.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (CXF-8832) Update jettison jar to 1.5.4 or above to fix CVE-2023-1436

Reply via email to