search

rethinkdb / rethinkdb-java

Official RethinkDB Java client
https://rethinkdb.com/api/java/
Apache License 2.0
21 stars 10 forks source link

Upgrade Jackson to 2.13.2.2 #67

Closed Scarsz closed 2 years ago

Scarsz commented 2 years ago

Reason for the change

Jackson implemented native support for record classes, making serialization trivial for data POJOs.

In addition, upgrading fixes vulnerabilities: CVE-2020-25649 7.5 Improper Restriction of XML External Entity Reference vulnerability pending CVSS allocation CVE-2021-20190 8.1 Deserialization of Untrusted Data vulnerability pending CVSS allocation CVE-2020-10650 8.1 Deserialization of Untrusted Data vulnerability pending CVSS allocation Cxced0c06c-935c 5.9 Uncontrolled Resource Consumption vulnerability pending CVSS allocation CVE-2020-36518 7.5 Out-of-bounds Write vulnerability pending CVSS allocation

Checklist