Closed kuflierl closed 7 months ago
This issue should be reviewed ASAP!
Before anyone panics, it doesn't appear like Lavaplayer is affected. There are no mentions of UNWRAP_SINGLE_VALUE_ARRAYS
in this repository, and I believe it is disabled by default
I believe #95 resolves this.
CVE-2022-42003 7.5 Deserialization of Untrusted Data vulnerability pending CVSS allocation in com.fasterxml.jackson.core:jackson-databind:2.13.4 Please upgrade to a version >= 2.13.4.1