New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

CVE-2016-3720 allows attackers to have unspecified impact via unknown vectors #292

Closed

danijelst opened this issue Jun 15, 2016 · 1 comment

danijelst commented Jun 15, 2016

In NVD a security impact was raised: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-3720

Member

cowtowncoder commented Jun 15, 2016 •

edited

Loading

Yes, and fixed as

FasterXML/jackson-dataformat-xml#190

for 2.7.4. Before publication authors verified that fix exists.

cowtowncoder closed this as completed

benkiefer mentioned this issue

Upgrade Jackson to fix CVE spring-projects/spring-boot#6512

Closed

wilkinsona mentioned this issue

Consider downgrading Jackson to 2.6 spring-projects/spring-boot#6536

Closed

agebhar1 mentioned this issue

backport fix of #292 to version 2.6.x #310

Closed

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment