Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-10608

Vulnerabilities in Jackson JSON parser

    XMLWordPrintable

    Details

      Description

      The current jackson-databind version (2.6.6) contains multiple vulnerabilities (https://github.com/FasterXML/jackson-databind/issues/1904) that were fixed in the 2.8.11 version. This also applies to jjwt dependency (https://github.com/jwtk/jjwt/issues/302).

      Thanks to Tomasz Jochimski for the contribution.

        Attachments

          Activity

            People

            Assignee:
            simon.brandhof Simon Brandhof (Inactive)
            Reporter:
            simon.brandhof Simon Brandhof (Inactive)
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Dates

              Due:
              Created:
              Updated:
              Resolved: