brackxm
commented
1 year ago 2.13.4.1 is available with a fix for CVE-2022-42003 see https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
(and 2.13.4.2 is available also)
Closed uap-universe closed 1 year ago
brackxm
commented
1 year ago 2.13.4.1 is available with a fix for CVE-2022-42003 see https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
(and 2.13.4.2 is available also)
jimmyjames
commented
1 year ago Thanks @brackxm. We have made #631 and #630 to bump the versions. We will get patch releases out shortly.
jimmyjames
commented
1 year ago 4.2.1 and 3.19.3 have been released and are available in Maven Central 👍
Please update the dependency
com.fasterxml.jackson.core:jackson-databind:2.13.2.2to
com.fasterxml.jackson.core:jackson-databind:2.14as soon as it becomes available
(see also: related issue and milestone)