This repository has been archived by the owner on Jan 28, 2021. It is now read-only.
Remove camel-jackson vulnerability #102
Comments
danhaywood
added a commit
that referenced
this issue
Jan 15, 2019
…security vulnerabilities in both camel-core (validation) and camel-jackson
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
as per https://github.com/incodehq/incode-platform/network/alert/modules/pom.xml/org.apache.camel:camel-jackson/open
org.apache.camel:camel-jackson
org.apache.camel camel-jackson [2.16.5,) Always verify the validity and compatibility of suggestions with your codebase.Open GitHub opened this alert on 17 Oct 2018
1 org.apache.camel:camel-jackson vulnerability found in modules/pom.xml on 17 Oct 2018
Remediation
Upgrade org.apache.camel:camel-jackson to version 2.16.5 or later. For example:
Details
CVE-2016-8749 More information
high severity
Vulnerable versions: < 2.16.5
Patched version: 2.16.5
Apache Camel's Jackson and JacksonXML unmarshalling operation are vulnerable to Remote Code Execution attacks.
The text was updated successfully, but these errors were encountered: