Anupam Aggarwal created FLINK-37078: ---------------------------------------
Summary: Update jackson-mapper-asl dependency Key: FLINK-37078 URL: https://issues.apache.org/jira/browse/FLINK-37078 Project: Flink Issue Type: Bug Components: FileSystems Reporter: Anupam Aggarwal Flink includes org.codehaus.jackson:jackson-mapper-asl:1.9.13 which contains [CVE-2019-10202|https://nvd.nist.gov/vuln/detail/cve-2019-10202] There seems to be a version - org.codehaus.jackson/jackson-mapper-asl/1.9.14.jdk17-redhat-00001 (in redhat GA repository) which is not flagged as vulnerable More details at [https://nvd.nist.gov/vuln/detail/cve-2019-10202] -- This message was sent by Atlassian Jira (v8.20.10#820010)