connectors icon indicating copy to clipboard operation
connectors copied to clipboard

Published 20 hours ago verified publisher icon delta-io

Fix delta-standalone jackson module vulnerability CVE-2020-36518

Open scottsand-db opened this issue 3 years ago • 2 comments

As pointed out here https://github.com/delta-io/connectors/issues/343, the current version of jackson-module has a known vulnerability. We upgrade to a newer version.

See https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518.

scottsand-db avatar May 27 '22 16:05 scottsand-db

@scottsand-db The merge is blocked here, will you please let me know when this fix can be merged? Thanks.

zhudaxi avatar Jul 06 '22 15:07 zhudaxi

@zhudaxi - I will need to spend some time and investigate the dependency conflict errors. Will get back to you.

scottsand-db avatar Jul 07 '22 16:07 scottsand-db

This repo has been deprecated and the code is moved under connectors module in https://github.com/delta-io/delta repository. Here are the migration steps to recreate this PR in the new repository location.

vkorukanti avatar Jul 11 '23 17:07 vkorukanti