Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-51747

Jackson-Databind needs to be upgraded to 2.9.4+ to address CVE-2018-5968

    XMLWordPrintable

    Details

    • Similar Issues:

      Description

      github plugin is using a vulnerable version of the jackson databind jar file.  The jar file needs to be upgraded to 2.9.4+ to resolve the vulnerability.

        Attachments

          Activity

          There are no comments yet on this issue.

            People

            • Assignee:
              lanwen Kirill Merkushev
              Reporter:
              bstephens Bill Stephens
            • Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

              • Created:
                Updated: