Uploaded image for project: 'TomEE'
  1. TomEE
  2. TOMEE-4233

Upgrade johnzon-mapper to 1.2.21

    XMLWordPrintableJSON

Details

    • Dependency upgrade
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 8.0.15, 9.1.0
    • None
    • TomEE Core Server
    • None

    Description

      We have a new vulnerability on johnzon-mapper-1.2.20.jar and johnzon-mapper-1.2.20-jakarta.jar, see below link.

      https://nvd.nist.gov/vuln/detail/CVE-2023-33008

      Looks like this is already addressed in 1.2.21

      Attachments

        Issue Links

          is fixed by

          Dependency upgrade - Upgrading a dependency to a newer version TOMEE-4228 Johnzon 1.2.21

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              rzo1 Richard Zowalla
              rthannee RAJU THANNEERU
              Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: