[
https://issues.apache.org/jira/browse/SOLR-15530?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
WCM RnD updated SOLR-15530:
---------------------------
Description:
High security vulnerability has been reported in jackson_databind bundled
within SOLR 8.9, few with CVSS score of 9.8:
|CVE-2018-7489|9.8|critical|fixed in 2.9.5, 2.8.11.1, 2.7.9.3|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
|CVE-2020-35490|8.1|high|*fixed in 2.9.10.8*|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
|CVE-2020-35491|8.1|high|*fixed in 2.9.10.8*|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
was:
High security vulnerability has been reported in jackson_databind bundled
within SOLR 8.9:
|CVE-2018-7489|9.8|critical|fixed in 2.9.5, 2.8.11.1, 2.7.9.3|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
|CVE-2020-35490|8.1|high|*fixed in 2.9.10.8*|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
|CVE-2020-35491|8.1|high|*fixed in 2.9.10.8*|
|com.fasterxml.jackson.core_jackson-databind_2.4.0|
> High security vulnerability in jackson-databind bundled within Solr 8.9
> -----------------------------------------------------------------------
>
> Key: SOLR-15530
> URL: https://issues.apache.org/jira/browse/SOLR-15530
> Project: Solr
> Issue Type: Bug
> Affects Versions: 8.9
> Reporter: WCM RnD
> Priority: Critical
>
> High security vulnerability has been reported in jackson_databind bundled
> within SOLR 8.9, few with CVSS score of 9.8:
>
> |CVE-2018-7489|9.8|critical|fixed in 2.9.5, 2.8.11.1, 2.7.9.3|
> |com.fasterxml.jackson.core_jackson-databind_2.4.0|
> |CVE-2020-35490|8.1|high|*fixed in 2.9.10.8*|
> |com.fasterxml.jackson.core_jackson-databind_2.4.0|
> |CVE-2020-35491|8.1|high|*fixed in 2.9.10.8*|
> |com.fasterxml.jackson.core_jackson-databind_2.4.0|
>
>
>
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
