-
Task
-
Resolution: Done
-
Medium
-
None
-
SDC Sprint 24
LF CLM report identified a vulnerability in the flowing dependency:
group: com.fasterxml.jackson.dataformat
Artifact: jackson-dataformat-xml
this dependency was identified in:
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.core.tools:openecomp-zusammen-tools:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:action-library-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:onboarding-be:war:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-types:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-types:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-types:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vnf-repository-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-types:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest:pom:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-services:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-types:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-conflict-core:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-action-manager:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-conflict-manager:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-core:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-impl:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-lib:pom:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healing-impl:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-manager:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-api:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-core:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-manager:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-core:jar:1.3.0-SNAPSHOT
Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-manager:jar:1.3.0-SNAPSHOT
the closest version with a fix is 2.8.10