Skip to content

Commit

Permalink
WINDUP-3841: jackson-databind CVE fix (#914)
Browse files Browse the repository at this point in the history 
* jackson-databind CVE fix

* force jackson versions to 2.13.4

* jackson version properties added
  • Loading branch information
@m-brophy
m-brophy committed May 2, 2023
1 parent bfd9ad3 commit 3c2347c
Showing 1 changed file with 22 additions and 0 deletions.
22 changes: 22 additions & 0 deletions pom.xml
View file
Original file line number Diff line number Diff line change
Expand Up @@ -32,6 +32,8 @@
<version.wildfly>23.0.2.Final</version.wildfly>
<wildfly.directory>wildfly-${version.wildfly}</wildfly.directory>
<version.resteasy>3.15.1.Final</version.resteasy>
<version.jackson>2.13.4</version.jackson>
<version.jackson.databind>2.13.4.2</version.jackson.databind>
<version.jboss.javaee>1.0.1.Final</version.jboss.javaee>

<windup.web.scm.connection>scm:git:https://github.com/windup/windup-web.git</windup.web.scm.connection>
Expand Down Expand Up @@ -203,6 +205,26 @@
<artifactId>resteasy-jackson2-provider</artifactId>
<version>${version.resteasy}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-databind</artifactId>
<version>${version.jackson.databind}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-core</artifactId>
<version>${version.jackson}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.core</groupId>
<artifactId>jackson-annotations</artifactId>
<version>${version.jackson}</version>
</dependency>
<dependency>
<groupId>com.fasterxml.jackson.jaxrs</groupId>
<artifactId>jackson-jaxrs-json-provider</artifactId>
<version>${version.jackson}</version>
</dependency>
<dependency>
<groupId>org.jboss.arquillian.extension</groupId>
<artifactId>arquillian-drone-bom</artifactId>
Expand Down

0 comments on commit 3c2347c

Please sign in to comment.