Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
ZOOKEEPER-4716: upgrade jackson to 2.15.2, suppress two false positiv…
…e CVE errors Our jackson is quite old, I want to upgrade it before release 3.8.2. Also we have a few false positive CVEs reported by OWASP: - CVE-2023-35116: according to jackson community, this is not a security issue, see FasterXML/jackson-databind#3972 (comment) - CVE-2022-45688: the following CVE is not even jackson related, but a vulnerability in json-java which we don't use in ZooKeeper
- Loading branch information