search

opendatalab-de / geojson-jackson

GeoJson POJOs for Jackson - serialize and deserialize objects with ease
http://blog.opendatalab.de
Apache License 2.0
263 stars 94 forks source link

fasterxml jakson dependency update CVE-2018-19361: FasterXML jackson-… #49

Closed assadriaz closed 4 years ago

assadriaz commented 5 years ago

…databind 2.x before 2.9.8 might allow attackers to have unspecified impact by leveraging failure to block the openjpa class from polymorphic deserialization.

sgutwein commented 4 years ago

Please update to 2.9.10 as of CVE-2019-14379!