Upgrade Jackson to version 2.9.9 or higher #2779
Due to a new vulnerability found in jackson 2.9.8 it is needed to upgrade to jackson 2.9.9 or higher
More information at: https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736
Yeah, that's what I did. But it would be nice to have this security issue deployed.…
On Fri, May 24, 2019, 17:26 Jochen Schalanda ***@***.***> wrote: @mpbalmeida <https://github.com/mpbalmeida> You can temporarily override the Jackson BOM version in your projects to already pull in the latest version of the Jackson dependencies. — You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub <#2779?email_source=notifications&email_token=AAD6ABVRQUPOJKT7ME7GM7DPXACJXA5CNFSM4HOIVX2KYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODWFW3UQ#issuecomment-495676882>, or mute the thread <https://github.com/notifications/unsubscribe-auth/AAD6ABTH7QKRC7EBBSTKWOTPXACJXANCNFSM4HOIVX2A> .