Open rdarcy1 opened 3 months ago
com.fasterxml.jackson.core:jackson-databind version 2.13.0 is subject to a CVE with CVSS 7.5 (high).
com.fasterxml.jackson.core:jackson-databind
Updated version to latest available (2.17.2) which is non-breaking as jackson-databind follows semver.
Not sure if build.gradle is auto-generated; if so would be grateful if the dependency could be updated upstream.
@rdarcy1 thanks for making this PR, we'll be upgrading this dependency shortly
com.fasterxml.jackson.core:jackson-databind
version 2.13.0 is subject to a CVE with CVSS 7.5 (high).Updated version to latest available (2.17.2) which is non-breaking as jackson-databind follows semver.
Not sure if build.gradle is auto-generated; if so would be grateful if the dependency could be updated upstream.