Uploaded image for project: 'mod-data-import'
  1. mod-data-import
  2. MODDATAIMP-37

Security vulnerability reported in jackson-databind

    XMLWordPrintable

Details

    • EPAM BatchLoader Sprint 3
    • Folijet

    Description

      Github reports:

      Known *high severity* security vulnerability detected in `com.fasterxml.jackson.core:jackson-databind >= 2.7.0, < 2.7.9.1` defined in [`pom.xml`](https://github.com/folio-org/mod-data-import/blob/master/pom.xml).

      [`pom.xml`](https://github.com/folio-org/mod-data-import/blob/master/pom.xml) update suggested: `com.fasterxml.jackson.core:jackson-databind ~> 2.7.9.1`.

      Based on what we've seen in other tickets (FOLIO-1580), version 2.9.5 or greater is recommended.

      TestRail: Results

        Attachments

          Issue Links

            blocks

            Umbrella - FOLIO-1580 Fix security vulnerabilities reported in jackson-databind

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed
            relates to

            New Feature - New feature requests UXPROD-656 Data Import (Batch Importer for Bib Acq) Infrastructure and Planning

            • P3 - low priority level, item will be considered for inclusion in the next dev cycle
            • Closed

            Activity

              People

                OleksiiKuzminov Oleksii Kuzminov
                peter Peter Murray
                Votes:
                0 Vote for this issue
                Watchers:
                2 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  TestRail: Runs

                    TestRail: Cases