[DepShield] (CVSS 9.8) Vulnerability due to usage of com.fasterxml.jackson.core:jackson-databind:2.9.9

[sonatype-depshield[bot]]

Vulnerabilities

DepShield reports that this application's usage of com.fasterxml.jackson.core:jackson-databind:2.9.9 results in the following vulnerability(s):

• (CVSS 9.8) [CVE-2019-14379] SubTypeValidator.java in FasterXML jackson-databind before 2.9.9.2 mishandles de...
• (CVSS 7.5) [CVE-2019-14439] A Polymorphic Typing issue was discovered in FasterXML jackson-databind 2.x befo...
• (CVSS 5.9) [CVE-2019-12814] Information Exposure
• (CVSS 5.9) [CVE-2019-12384] Deserialization of Untrusted Data

_{This is an automated GitHub Issue created by Sonatype DepShield. Details on managing GitHub Apps, including DepShield, are available for personal and organization accounts. Please submit questions or feedback about DepShield to the Sonatype DepShield Community.}