Known CVE in jackson-databind 2.9.10.5

mulesoft-catalyst / mule-sonarqube-plugin

The Mule SonarQube Plugin provides the capability to do code inspecting and taking project metrics from a mule project using SonarQube.

The Unlicense

46 stars 68 forks source link

Closed CN-PierreNoel closed 3 years ago

CN-PierreNoel commented 3 years ago

There is 2 known CVE in jackson-databind version 2.9.10.5

Changing to jackson-databind dependency to version 2.9.10.6 would fix those.

CN-PierreNoel commented 3 years ago

Awesome! CVEs are gone on my side. Thanks for the quick fix :)