Skip to:

  1. Skip to Jira Navigation
  2. Skip to Side Navigation
  3. Skip to Main Content

CVE-2019-12814 jackson-databind security vulnerability

Description

Update jackson-databind to 2.9.9.1 to fix this security vulnerability where a specifically crafted JSON message allows to read arbitrary local files on the server.
References:
https://github.com/FasterXML/jackson-databind/issues/2341
https://nvd.nist.gov/vuln/detail/CVE-2019-12814

CSP Request Details

None

CSP Rejection Details

None

Potential Workaround

None

Checklist

hide

TestRail: Results

Activity

Show:
Done

Details

Assignee

Reporter

Labels

Priority

Story Points

Sprint

Development Team

Core: Platform

Fix versions

TestRail: Cases

Open TestRail: Cases

TestRail: Runs

Open TestRail: Runs
Created July 18, 2019 at 3:00 PM
Updated January 3, 2020 at 2:30 PM
Resolved July 18, 2019 at 3:46 PM
Configure
TestRail: Cases
TestRail: Runs