search

kakawait / cas-security-spring-boot-starter

Spring boot starter for Apereo CAS client fully integrated with Spring security
MIT License
153 stars 45 forks source link

[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.9.3 to 2.10.0 #138

Closed snyk-bot closed 4 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Upgrade Breaking Change Exploit Maturity
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106		 com.fasterxml.jackson.core:jackson-databind:
2.9.9.3 -> 2.10.0
No Proof of Concept

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:

🧐 View latest project report

πŸ›  Adjust project settings

πŸ“š Read more about Snyk's upgrade and patch logic

codecov[bot] commented 4 years ago

Codecov Report

Merging #138 into master will not change coverage. The diff coverage is n/a.

Impacted file tree graph

@@           Coverage Diff            @@
##             master    #138   +/-   ##
========================================
  Coverage      84.7%   84.7%           
  Complexity      121     121           
========================================
  Files            23      23           
  Lines           608     608           
  Branches         77      77           
========================================
  Hits            515     515           
  Misses           69      69           
  Partials         24      24

Continue to review full report at Codecov.

Legend - Click here to learn more Ξ” = absolute <relative> (impact), ΓΈ = not affected, ? = missing data Powered by Codecov. Last update f3afa3b...e7d533b. Read the comment docs.