saml plugin affected by CVE -2022-42003;42004

XMLWordPrintable

    • Type: Bug
    • Resolution: Fixed
    • Priority: Minor
    • Component/s: saml-plugin
    • None
    • Environment:
      saml:4.354.vdc8c005cda_34
    • 4.361.v79b_c2d76d2b_b

      saml plugin depends on jackson-databind-2.13.3, which is affected by CVEs:

      https://nvd.nist.gov/vuln/detail/CVE-2022-42003

      https://nvd.nist.gov/vuln/detail/CVE-2022-42004

            Assignee:
            Ivan Fernandez Calvo
            Reporter:
            Sandra Antunes
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

              Created:
              Updated:
              Resolved: