Upgrade jackson to 2.12.7.1

datastax / cdc-apache-cassandra

Datastax CDC for Apache Cassandra

Apache License 2.0

35 stars 21 forks source link

Closed nicoloboschi closed 1 year ago

nicoloboschi commented 1 year ago

jackson-databind 2.12.6.1 is vulnerable to CVE-2022-42003

there's no strong reason to bump to 2.13.x so it's more conservative to remain on 2.12.x