Uploaded image for project: 'mod-data-import'
  1. mod-data-import
  2. MODDATAIMP-37

Security vulnerability reported in jackson-databind

    XMLWordPrintable

    Details

    • Template:
    • Sprint:
      EPAM BatchLoader Sprint 3
    • Development Team:
      Folijet
    • Epic Link:

      Description

      Github reports:

      Known *high severity* security vulnerability detected in `com.fasterxml.jackson.core:jackson-databind >= 2.7.0, < 2.7.9.1` defined in [`pom.xml`](https://github.com/folio-org/mod-data-import/blob/master/pom.xml).

      [`pom.xml`](https://github.com/folio-org/mod-data-import/blob/master/pom.xml) update suggested: `com.fasterxml.jackson.core:jackson-databind ~> 2.7.9.1`.

      Based on what we've seen in other tickets (FOLIO-1580), version 2.9.5 or greater is recommended.

        TestRail: Results

          Attachments

            Issue Links

            blocks

            Umbrella - FOLIO-1580 Fix security vulnerabilities reported in jackson-databind

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            relates to

            New Feature - New feature requests UXPROD-656 Data Import (Batch Importer for Bib Acq) Infrastructure and Planning

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

              Activity

                People

                Assignee:
                OleksiiKuzminov Oleksii Kuzminov
                Reporter:
                peter Peter Murray
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                  Dates

                  Created:
                  Updated:
                  Resolved:

                    TestRail: Runs

                      TestRail: Cases