[jira] [Updated] (ZOOKEEPER-4628) CVE-2022-42003 CVE-2022-42004 HIGH: upgrade jackson-databind-2.13.3.jar to 2.13.4.1

ASF GitHub Bot (Jira) Wed, 26 Oct 2022 15:35:50 -0700


     [ 
https://issues.apache.org/jira/browse/ZOOKEEPER-4628?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


ASF GitHub Bot updated ZOOKEEPER-4628:
--------------------------------------
    Labels: pull-request-available  (was: )

> CVE-2022-42003 CVE-2022-42004 HIGH: upgrade jackson-databind-2.13.3.jar to 
> 2.13.4.1
> -----------------------------------------------------------------------------------
>
>                 Key: ZOOKEEPER-4628
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-4628
>             Project: ZooKeeper
>          Issue Type: Task
>          Components: security
>    Affects Versions: 3.5.10, 3.8.0, 3.7.1
>            Reporter: Ivo Dujmovic
>            Priority: Critical
>              Labels: pull-request-available
>          Time Spent: 10m
>  Remaining Estimate: 0h
>
> Two High issues 
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42003]
> [https://nvd.nist.gov/vuln/detail/CVE-2022-42004]
> affect jackson version 2.13.3 which zk should update to 2.13.4.1 
> Other projects have done this, but Zookeeper has not.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Updated] (ZOOKEEPER-4628) CVE-2022-42003 CVE-2022-42004 HIGH: upgrade jackson-databind-2.13.3.jar to 2.13.4.1

Reply via email to