[HADOOP-17601] Upgrade Jackson databind in branch-2.10 to 2.9.10.7 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Bug
Status: Resolved
Priority: Major
Resolution: Fixed
Affects Version/s: None
Fix Version/s: 2.10.2
Component/s: None
Labels:
- pull-request-available

Description

Two known vulnerabilities found in Jackson-databind

CVE-2021-20190 high severity
CVE-2020-25649 high severity

Attachments

Attachments

- Sort By Name
- Sort By Date
- Ascending
- Descending

HADOOP-17601.branch-2.10.001.patch
24/Mar/21 17:55
0.5 kB
Ahmed Hussein

Issue Links

links to

GitHub Pull Request #2835

Activity

People

Assignee:: Ahmed Hussein

Reporter:: Ahmed Hussein

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 24/Mar/21 16:19

Updated:: 27/Sep/21 12:39

Resolved:: 13/Apr/21 00:43

Time Tracking

Estimated:

Not Specified

Remaining:

0h

Logged:

50m