search

datastax / pulsar-sink

An Apache Pulsar® sink for transferring events/messages from Pulsar topics to Apache Cassandra®, DataStax Astra or DataStax Enterprise (DSE) tables.
Apache License 2.0
14 stars 10 forks source link

Upgrade jackson to 2.12.7.1 #46

Closed nicoloboschi closed 1 year ago

nicoloboschi commented 1 year ago

Motivation

jackson-databind 2.12.6.1 is vulnerable to CVE-2022-42003

Modifications

there's no strong reason to bump to 2.13.x so it's more conservative to remain on 2.12.x