Closed uap-universe closed 1 year ago
2.13.4.1 is available with a fix for CVE-2022-42003 see https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13
(and 2.13.4.2 is available also)
Thanks @brackxm. We have made #631 and #630 to bump the versions. We will get patch releases out shortly.
4.2.1 and 3.19.3 have been released and are available in Maven Central 👍
Please update the dependency
com.fasterxml.jackson.core:jackson-databind:2.13.2.2
to
com.fasterxml.jackson.core:jackson-databind:2.14
as soon as it becomes available
(see also: related issue and milestone)