Uploaded image for project: 'Build'
  1. Build
  2. BUILD-988

Dismiss mismatched json-path CVE

    XMLWordPrintable

Details

    • Task
    • Resolution: Done
    • Neutral
    • None
    • None
    • None

    Description

      https://nvd.nist.gov/vuln/detail/CVE-2021-4279

      It actually affects https://github.com/Starcounter-Jack/JSON-Patch (a js library), while Magnolia uses a Java dependency by the same name https://mvnrepository.com/artifact/com.github.fge/json-patch

      json-patch-1.9.jar (cpe:2.3:a:json-patch_project:json-patch:1.9:*:*:*:*:*:*:*) : CVE-2021-4279
      

      Checklists

        Acceptance criteria

        Attachments

          Activity

            People

              fgrilli Federico Grilli
              fgrilli Federico Grilli
              Foundation
              Votes:
              0 Vote for this issue
              Watchers:
              1 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved:
                Work Started:

                Checklists

                  Task DoR