logzio / sawmill

Sawmill is a JSON transformation Java library
Apache License 2.0
116 stars 24 forks source link

[Snyk] Fix for 1 vulnerabilities #215

Closed snyk-bot closed 3 years ago

snyk-bot commented 4 years ago

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade:
Severity Issue Upgrade Breaking Change Exploit Maturity
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625
com.fasterxml.jackson.core:jackson-databind:
2.9.10.1 -> 2.10.0
com.fasterxml.jackson.module:jackson-module-afterburner:
2.7.1 -> 2.10.0
com.maxmind.geoip2:geoip2:
2.12.0 -> 2.13.0
No No Known Exploit

Check the changes in this PR to ensure they won't cause issues with your project.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic