Loading...

XML

Word

Printable

Type: Bug
Resolution: Fixed
Priority: High
Fix Version/s: 7.13.16, 8.5.7, 8.9.2, 8.10.1, 8.11.0
Affects Version/s: 8.8.1
Component/s: REST API
Labels:

Fixed in Long Term Support Release/s:

Download 7.13, 8.5
Introduced in Version:
8.08
Support reference count:
1
Symptom Severity:
Severity 1 - Critical

Issue Summary

Jira Server used a vulnerable version of jackson-databind .
In specific, the issue was present in FasterXML jackson-databind 2.x before 2.9.10.2 . More information here: https://nvd.nist.gov/vuln/detail/CVE-2019-20330.
Upgrade jackson-databind to at least version 2.9.10.20200103 .

Steps to Reproduce

n/a

Expected Results

n/a

Actual Results

n/a

Workaround

N/A

relates to: RAID-1938 Loading...

Assignee:: Mateusz Ostaszewski (Inactive)
Reporter:: alexmin (Inactive)
Votes:: 0 Vote for this issue
Watchers:: 5 Start watching this issue

Due:: 26/Jul/2020
Created:: 27/Apr/2020 3:45 AM
Updated:: 17/Oct/2024 1:26 PM
Resolved:: 15/Jul/2020 12:26 PM

Details

Description

Issue Summary

Steps to Reproduce

Expected Results

Actual Results

Workaround

Attachments

Issue Links

Forms

Activity

People

Dates