Uploaded image for project: 'Jenkins'
  1. Jenkins
  2. JENKINS-51747

Jackson-Databind needs to be upgraded to 2.9.4+ to address CVE-2018-5968

XMLWordPrintable

    • Icon: Improvement Improvement
    • Resolution: Unresolved
    • Icon: Major Major
    • github-plugin
    • None

      github plugin is using a vulnerable version of the jackson databind jar file.  The jar file needs to be upgraded to 2.9.4+ to resolve the vulnerability.

            lanwen Kirill Merkushev
            bstephens Bill Stephens
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated: