]
Brian Stansberry updated WFLY-11887:
------------------------------------
Attachment: redhat-0006.txt
[CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries
-------------------------------------------------------------
Key: WFLY-11887
URL:
https://issues.jboss.org/browse/WFLY-11887
Project: WildFly
Issue Type: Bug
Components: REST
Affects Versions: 14.0.0.Final
Reporter: Radoslav Ivanov
Assignee: Brian Stansberry
Priority: Blocker
Fix For: 18.0.0.Final
Attachments: redhat-0006.txt
We have a couple of high prio vulnerabilities reported around usage of Jackson libraries
on WildFly with regards to CVE-2016-3720:
{code:java}
jackson-core-asl-1.9.13.jar
jackson-jaxrs-1.9.13.jar
jackson-mapper-asl-1.9.13.jar
jackson-xc-1.9.13.jar
{code}
Could you please review and remove/update them?