Uploaded image for project: 'Service Design and Creation'
  1. Service Design and Creation
  2. SDC-1716

fix security vilation SONATYPE-2016-0397 and SONATYPE-2017-0355

XMLWordPrintable

      LF CLM report identified a vulnerability in the flowing dependency:

      group: com.fasterxml.jackson.core

      Artifact: jackson-core

      this dependency was identified in:

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.onap.sdc.common:onap-configuration-management-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.onap.sdc.common:onap-configuration-management-test:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.onap.sdc.common:onap-sdc-artifact-generator-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.onap.sdc.common:onap-sdc-artifact-generator-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.onap.sdc.common:onap-sdc-artifact-generator-test:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core.tools:openecomp-zusammen-tools:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-common-lib:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-config-lib:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-facade-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-facade-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-facade-lib:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-heat-lib:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-nosqldb-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-nosqldb-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-nosqldb-lib:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-session-lib:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-tosca-lib:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-zusammen-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.core:openecomp-zusammen-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:action-library-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:action-library-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:onboarding-be:war:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vnf-repository-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:application-config-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:healthcheck-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:item-permissions-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:notifications-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-conflict-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-conflict-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-item-permissions-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-item-permissions-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-item-permissions-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-action-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-action-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-action-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-activity-log-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-activity-log-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-activity-log-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-application-config-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-common-rest:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-conflict-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-lib:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healing-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healing-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healing-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healthcheck-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-item-permissions-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-model-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-model-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-model-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-model-lib:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-notification-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-notification-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-tosca-generator-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-tosca-generator-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-translator-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-translator-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-sdk:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-versioning-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-versioning-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-tosca-converter-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-tosca-converter-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:togglz-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.core:jackson-core:jar:2.8.1 located at Module org.openecomp.sdc:unique-type-rest-services:jar:1.3.0-SNAPSHOT

       

      the closest version with a fix is 2.8.6

       

       

       

       

       

       

            vempo vempo
            ml636r ml636r
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: