Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Upgrade Jackson to 2.9.4 in 1.2.* to address a CVE #2269
According to the CVE, maliciously crafted JSON input can allow a remote code execution, if it's passed directly to the
Upgrade Jackson to 2.9.4 with a fix to the CVE.
Dropwizard doesn't use Spring, but some end users use Spring along with Dropwizard, so we should give them a simple way to protect their applications.