Elastic Cloud Enterprise 2.13.3
editElastic Cloud Enterprise 2.13.3
editThe following changes are included in this release.
Enhancements
editUpdate nimbus-jose-jwt to 9.31. Various fixes and enhancements.
Bump Jackson version to 2.9.10.8. This version brings fixes for a large number of CVEs:
-
"Gadget"-deserialisation-related:
- CVE-2020-10968
- CVE-2020-14061
- CVE-2020-14062
- CVE-2020-14195
- CVE-2020-36184
- CVE-2020-36182
- CVE-2020-35728
- CVE-2020-11619
- CVE-2020-36185
- CVE-2020-35490
- GHSA-58pp-9c76-5625
- CVE-2020-36186
- CVE-2020-36187
- GHSA-5949-rw7g-wx7w
- GHSA-v3xw-c963-f5hc
- CVE-2020-24616
- GHSA-r3gr-cxrf-hg25
- CVE-2020-36188
- CVE-2020-36180
- GHSA-95cm-88f5-f2c7
- CVE-2020-36189
- CVE-2020-14060
- CVE-2020-36181
- CVE-2020-11620
- CVE-2020-10969
- CVE-2020-36179
- CVE-2020-36183
- CVE-2020-11113
- GHSA-rpr3-cw39-3pxh
- XML XXE.