Uploaded image for project: 'Service Design and Creation'
  1. Service Design and Creation
  2. SDC-1718

fix security vilation CVE-2016-7051

XMLWordPrintable

      LF CLM report identified a vulnerability in the flowing dependency:

      group: com.fasterxml.jackson.dataformat

      Artifact: jackson-dataformat-xml

      this dependency was identified in:

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.core.tools:openecomp-zusammen-tools:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:action-library-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:onboarding-be:war:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:validation-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-license-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vendor-software-products-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc.onboarding:vnf-repository-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:conflict-rest:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-services:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:item-rest-types:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-conflict-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-action-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-conflict-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-enrichment-lib:pom:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-healing-impl:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-validation-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-api:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-license-manager:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-core:jar:1.3.0-SNAPSHOT

      Dependency com.fasterxml.jackson.dataformat:jackson-dataformat-xml:jar:2.8.1 located at Module org.openecomp.sdc:openecomp-sdc-vendor-software-product-manager:jar:1.3.0-SNAPSHOT

       

      the closest version with a fix is 2.8.10

       

       

       

       

       

       

            vempo vempo
            ml636r ml636r
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: