How to Remove Vulnerable Jackson Libraries JasperReports Server 8.0.x

In order to fix issues with Jackson Libraries in the JasperReports Server, you need to remove specific Jackson Libraries jars from the installed JasperReports Server location. The following steps help you to remove the jars.

To remove Jackson Libraries Jars from JasperReports Server, follow these steps:

1. Stop the JasperReports Server 8.0.2. Refer to How to Start or Stop JasperReports Server.

2. Remove the following jars from the path <Jaspersoft Install Directory 8.0.0>/apache-tomcat/webapps/jasperserver-pro/WEB-INF/lib.

   • jackson-core-asl-1.9.13.jar

   • jackson-mapper-asl-1.9.13.jar

   • oAuth-0.0.1-SNAPSHOT.jar

3. Download the JasperReports package as per the steps How to Download and Import a Package into the JasperReports Server.

4. Copy the oAuth-0.0.1-SNAPSHOT.jar from the downloaded package to <Jaspersoft Install Directory 8.0.0>/apache-tomcat/webapps/jasperserver-pro/WEB-INF/lib

5. Start the JasperReports Server 8.0.2. Refer to How to Start or Stop JasperReports Server.