[TINKERPOP-2260] Update jackson databind 2.9.9.1 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: Improvement
Status: Closed
Priority: Minor
Resolution: Fixed
Affects Version/s: 3.3.7, 3.4.2
Fix Version/s: 3.3.8, 3.4.3, 3.5.0
Component/s: io
Labels:
None

Description

Vulnerable to deserialization of untrusted data with logback-core or jdom on the classpath.
Upgrade to 2.9.9.1 or higher.

Attachments

Activity

People

Assignee:: Robert Dale

Reporter:: Robert Dale

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Dates

Created:: 10/Jul/19 11:59

Updated:: 05/Aug/19 10:53

Resolved:: 05/Aug/19 10:53