[JBoss JIRA] (WFLY-11887) [CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries

Wednesday, 2 October 2019

     [
https://issues.jboss.org/browse/WFLY-11887?page=com.atlassian.jira.plugin...
]

Brian Stansberry updated WFLY-11887:
------------------------------------
    Security:     (was: Security Issue)

...
 [CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries
 -------------------------------------------------------------

                 Key: WFLY-11887
                 URL: https://issues.jboss.org/browse/WFLY-11887
             Project: WildFly
          Issue Type: Bug
          Components: REST
    Affects Versions: 14.0.0.Final
            Reporter: Radoslav Ivanov
            Assignee: Brian Stansberry
            Priority: Blocker
             Fix For: 18.0.0.Final

 We have a couple of high prio vulnerabilities reported around usage of Jackson libraries
on WildFly with regards to CVE-2016-3720:
 {code:java}
 jackson-core-asl-1.9.13.jar	
 jackson-jaxrs-1.9.13.jar	
 jackson-mapper-asl-1.9.13.jar	
 jackson-xc-1.9.13.jar
 {code}
 Could you please review and remove/update them? 

--
This message was sent by Atlassian Jira
(v7.13.8#713008)

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006