Forums

Articles
Create
cancel
Showing results for 
Search instead for 
Did you mean: 

Jira Rest Java Client - JRJC - CVE-2019-10172

Anthony Lee
I'm New Here
I'm New Here
Those new to the Atlassian Community have posted less than three times. Give them a warm welcome!
January 4, 2022

The JRJC uses Jackson 1.9 which is vulnerable due to CVE-2019-10172 and has no patched version of Jackson 1.9 to upgrade to. Any way to mitigate this? Any plans to upgrade to Jackson 2.x

1 answer

0 votes
Gonchik Tsymzhitov
Community Champion
January 4, 2022

Hi! 

one of the option make a fork and do changes and make a PR,

https://bitbucket.org/atlassian/jira-rest-java-client/src/master/

 

Cheers,

Gonchik 

Suggest an answer

Log in or Sign up to answer
DEPLOYMENT TYPE
CLOUD
PRODUCT PLAN
PREMIUM
TAGS
AUG Leaders

Atlassian Community Events