Uploaded image for project: 'SonarQube'
  1. SonarQube
  2. SONAR-10608

Vulnerabilities in Jackson JSON parser

    Details

      Description

      The current jackson-databind version (2.6.6) contains multiple vulnerabilities (https://github.com/FasterXML/jackson-databind/issues/1904) that were fixed in the 2.8.11 version. This also applies to jjwt dependency (https://github.com/jwtk/jjwt/issues/302).

      Thanks to Tomasz Jochimski for the contribution.

        Attachments

          Activity

            People

            • Assignee:
              simon.brandhof Simon Brandhof
              Reporter:
              simon.brandhof Simon Brandhof
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Due:
                Created:
                Updated:
                Resolved: