Uploaded image for project: 'WildFly'
  1. WildFly
  2. WFLY-11887

[CVE-2016-3720]: Usage of vulnarable Jackson 1.9.13 libraries

    Details

    • Type: Bug
    • Status: Closed (View Workflow)
    • Priority: Blocker
    • Resolution: Done
    • Affects Version/s: 14.0.0.Final
    • Fix Version/s: 18.0.0.Final
    • Component/s: REST
    • Labels:
      None

      Description

      We have a couple of high prio vulnerabilities reported around usage of Jackson libraries on WildFly with regards to CVE-2016-3720:

      jackson-core-asl-1.9.13.jar	
      jackson-jaxrs-1.9.13.jar	
      jackson-mapper-asl-1.9.13.jar	
      jackson-xc-1.9.13.jar
      

      Could you please review and remove/update them?

        Gliffy Diagrams

          Attachments

            Issue Links

              Activity

                People

                • Assignee:
                  brian.stansberry Brian Stansberry
                  Reporter:
                  rady66 Radoslav Ivanov
                  Involved:
                  Alessio Soldano, Carlo de Wolf, James Perkins, Kabir Khan, Marek Kopecky, Martin Svehla, Ronald Sigal, Thomas Jenkinson
                • Votes:
                  0 Vote for this issue
                  Watchers:
                  5 Start watching this issue

                  Dates

                  • Created:
                    Updated:
                    Resolved: