Problem Note 70164: SAS® Lineage 3.3 contains a version of jackson-databind with known vulnerabilities
Severity: Critical
Description: SAS® Lineage 3.3 contains a third-party Java library, jackson-databind 2.9.10, with the following known vulnerabilities:
Potential Impact: The potential impact varies. See the CVE records above for details.
Click the Hot Fix tab in this note for a link to instructions about accessing and applying the software update.
Operating System and Release Information
SAS System | SAS Lineage | Microsoft® Windows® for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
64-bit Enabled AIX | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
64-bit Enabled Solaris | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
HP-UX IPF | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
Linux for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
Solaris for x64 | 3.3 | 3.4 | 9.4 TS1M6 | 9.4 TS1M8 |
*
For software releases that are not yet generally available, the Fixed
Release is the software release in which the problem is planned to be
fixed.
Type: | Problem Note |
Priority: | alert |
Date Modified: | 2023-06-16 09:26:06 |
Date Created: | 2023-06-15 00:41:53 |