TimQuist
commented
6 months ago It was blocking my spring-boot upgrade. I tried to open a PR but no permissions.
I've created a fork and fixed it there. File is not on maven-central, so you'll have to include it yourself: https://github.com/42BV/geojson-jackson
@grundid If you give me permissions to push to a branch I'll open up a PR here too.
The project uses Jackson version 2.10.0. This version of
jackson-databindhas the following security vulnerabilities: