Uploaded image for project: 'JOC - JobScheduler Operations Center'
  1. JOC - JobScheduler Operations Center
  2. JOC-1663

Update parsson to version 1.0.5 due to 3rd party vulnerability CVE-2023-4043

    XMLWordPrintable

Details

    • Fix
    • Status: Released (View Workflow)
    • Minor
    • Resolution: Fixed
    • 2.5.5, 2.6.2
    • 2.5.6, 2.6.3
    • None
    • None
    • CVE-2023-4043

    Description

      Current Situation

      Impact

      We rate the impact to our software as very low as our implementation does not make use of the parsson library for parsing. This library is only used by 3rd party library jersey-media-moxy internally.

      Desired Behavior

      JS7 JOC Cockpit should use version 1.0.5 which fixes the vulnerability.

      Attachments

        Activity

          People

            sp Santiago Aucejo Petzoldt
            sp Santiago Aucejo Petzoldt
            Pramokshi Narawariya Pramokshi Narawariya
            Votes:
            0 Vote for this issue
            Watchers:
            3 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: