derfurkan
commented
1 year ago This issue should be reviewed ASAP!
Closed kuflierl closed 7 months ago
derfurkan
commented
1 year ago This issue should be reviewed ASAP!
freyacodes
commented
1 year ago Before anyone panics, it doesn't appear like Lavaplayer is affected. There are no mentions of UNWRAP_SINGLE_VALUE_ARRAYS in this repository, and I believe it is disabled by default
JamesKing95
commented
1 year ago I believe #95 resolves this.
CVE-2022-42003 7.5 Deserialization of Untrusted Data vulnerability pending CVSS allocation in com.fasterxml.jackson.core:jackson-databind:2.13.4 Please upgrade to a version >= 2.13.4.1