Package URl
CPE
- Jackson:
cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.0:rc1:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:2.14.0:rc1:*:*:*:*:*:*
- Jakarta JSON:
cpe:2.3:a:eclipse:glassfish:2.0.1:*:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:2.0.1:*:*:*:*:*:*:*
- Javax JSON:
cpe:2.3:a:json-java_project:json-java:1.0.4:*:*:*:*:*:*:*
- JsonLD-Java:
cpe:2.3:a:json-java_project:json-java:0.13.4:*:*:*:*:*:*:*
CVE
CVE-2022-45688
ODC Integration
{"label"=>"CLI"}
ODC Version
7.2.1
Description
Neither jsonld-java nor hutools (the originally affected project) appear in the full dependency tree of the Clojure/Java project I'm working on. Inspecting the dependencies, neither Jackson nor jsonld-java use java-json or hutools as dependencies. Not sure if jakarta/javax.json use java-json but if the other two libraries have false positives it's probable that their CVEs are FPs as well.
Package URl
CPE
cpe:2.3:a:fasterxml:jackson-modules-java8:2.14.0:rc1:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:2.14.0:rc1:*:*:*:*:*:*cpe:2.3:a:eclipse:glassfish:2.0.1:*:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:2.0.1:*:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:1.0.4:*:*:*:*:*:*:*cpe:2.3:a:json-java_project:json-java:0.13.4:*:*:*:*:*:*:*CVE
CVE-2022-45688
ODC Integration
{"label"=>"CLI"}
ODC Version
7.2.1
Description
Neither jsonld-java nor hutools (the originally affected project) appear in the full dependency tree of the Clojure/Java project I'm working on. Inspecting the dependencies, neither Jackson nor jsonld-java use java-json or hutools as dependencies. Not sure if jakarta/javax.json use java-json but if the other two libraries have false positives it's probable that their CVEs are FPs as well.