[jboss-jira] [JBoss JIRA] (WFLY-6713) Upgrade Jackson to 2.7.4 due to CVE-2016-3720
Alessio Soldano (JIRA)
issues at jboss.org
Tue Jul 12 17:35:00 EDT 2016
[ https://issues.jboss.org/browse/WFLY-6713?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13264462#comment-13264462 ]
Alessio Soldano commented on WFLY-6713:
---------------------------------------
We're not directly affected by the vulnerability, however we're going to upgrade to 2.7.4 which contains the cve fix.
> Upgrade Jackson to 2.7.4 due to CVE-2016-3720
> ---------------------------------------------
>
> Key: WFLY-6713
> URL: https://issues.jboss.org/browse/WFLY-6713
> Project: WildFly
> Issue Type: Component Upgrade
> Components: REST
> Reporter: Juergen Zimmermann
> Assignee: Alessio Soldano
>
> Jackson 2.7.3 is currently used, but reported at https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720
--
This message was sent by Atlassian JIRA
(v6.4.11#64026)
More information about the jboss-jira
mailing list