Loading...

XML

Word

Printable

Type: Component Upgrade
Resolution: Unresolved
Priority: Major
Fix Version/s: None
Affects Version/s: None
Component/s: JPA / Hibernate, MP LRA, MP OpenAPI, MP Reactive Messaging, REST, Security
Labels:
None

Git Pull Request:
https://github.com/wildfly/wildfly/pull/19743
[QE] How to address?:
---
[QE] Why QE missed?:
---

https://github.com/FasterXML/jackson-bom/releases/tag/jackson-bom-2.21.0
https://github.com/FasterXML/jackson-bom/releases/tag/jackson-bom-2.21.1

https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.21
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.21.1

https://github.com/advisories/GHSA-72hv-8253-57qq
https://nvd.nist.gov/vuln/detail/CVE-2026-29062

The NVD entry only lists 3.x thus some tools may not detect this vulnerability.

Additionally, Jackson 2.21.x is a "LTS" version (the current version 2.20.x is not).

Assignee:: Scott Marlow

Reporter:: Thomas Beckers

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2026/03/11 7:32 AM

Updated:: 2026/03/11 8:31 AM