We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
swagger-core currently (v1.5.15) uses jackson-databind v2.8.7. Update this by incrementing jackson-version to 2.8.9.
Addresses Jackson Deserializer security vulnerability:
FasterXML/jackson-databind#1599 https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.8.9
The text was updated successfully, but these errors were encountered:
Looks like FasterXML has more CVE Security issues:
https://www.cvedetails.com/vulnerability-list/vendor_id-15866/product_id-34008/Fasterxml-Jackson.html
https://www.cvedetails.com/vulnerability-list/vendor_id-15866/product_id-42991/Fasterxml-Jackson-databind.html
Even affects the latest version 2.9.8 available by internet.
Sorry, something went wrong.
obsolete
No branches or pull requests
swagger-core currently (v1.5.15) uses jackson-databind v2.8.7. Update this by incrementing jackson-version to 2.8.9.
Addresses Jackson Deserializer security vulnerability:
FasterXML/jackson-databind#1599
https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.8.9
The text was updated successfully, but these errors were encountered: