[JENKINS-69898] saml plugin affected by CVE -2022-42003;42004 - Jenkins Jira

Type: Bug
Resolution: Fixed
Priority: Minor
Component/s: saml-plugin
Labels:
None
Environment:
saml:4.354.vdc8c005cda_34

Similar Issues:
Powered by SuggestiMate

Show
Released As:
4.361.v79b_c2d76d2b_b

saml plugin depends on jackson-databind-2.13.3, which is affected by CVEs:

https://nvd.nist.gov/vuln/detail/CVE-2022-42003

https://nvd.nist.gov/vuln/detail/CVE-2022-42004

links to

Assignee:: Ivan Fernandez Calvo

Reporter:: Sandra Antunes

Votes:: 0 Vote for this issue

Watchers:: 1 Start watching this issue

Created:: 2022-10-19 16:11

Updated:: 2022-10-23 16:48

Resolved:: 2022-10-23 16:48