[jboss-jira] [JBoss JIRA] (WFLY-11887) [CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries
Brian Stansberry (Jira)
issues at jboss.org
Wed Oct 2 14:35:00 EDT 2019
[ https://issues.jboss.org/browse/WFLY-11887?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Brian Stansberry updated WFLY-11887:
------------------------------------
Attachment: redhat-0006.txt
> [CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries
> -------------------------------------------------------------
>
> Key: WFLY-11887
> URL: https://issues.jboss.org/browse/WFLY-11887
> Project: WildFly
> Issue Type: Bug
> Components: REST
> Affects Versions: 14.0.0.Final
> Reporter: Radoslav Ivanov
> Assignee: Brian Stansberry
> Priority: Blocker
> Fix For: 18.0.0.Final
>
> Attachments: redhat-0006.txt
>
>
> We have a couple of high prio vulnerabilities reported around usage of Jackson libraries on WildFly with regards to CVE-2016-3720:
> {code:java}
> jackson-core-asl-1.9.13.jar
> jackson-jaxrs-1.9.13.jar
> jackson-mapper-asl-1.9.13.jar
> jackson-xc-1.9.13.jar
> {code}
> Could you please review and remove/update them?
--
This message was sent by Atlassian Jira
(v7.13.8#713008)
More information about the jboss-jira
mailing list