Skip to content

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.1 to 2.18.2#1

Open
emptyvast wants to merge 1 commit into
masterfrom
snyk-upgrade-623192a05475684f4a656f51ce772ffd
Open

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.1 to 2.18.2#1
emptyvast wants to merge 1 commit into
masterfrom
snyk-upgrade-623192a05475684f4a656f51ce772ffd

Conversation

@emptyvast

Copy link
Copy Markdown
Owner

snyk-top-banner

Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.1 to 2.18.2.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 76 versions ahead of your current version.

  • The recommended version was released 2 months ago.

Issues fixed by the recommended upgrade:

Issue Score Exploit Maturity
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931
563 No Known Exploit
high severity Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664
563 Proof of Concept
high severity Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-7569538
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324
563 No Known Exploit
high severity XML External Entity (XXE) Injection
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416
563 Proof of Concept
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417
563 No Known Exploit
high severity Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418
563 Proof of Concept
medium severity Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424
563 Proof of Concept
medium severity Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426
563 Proof of Concept

Important

  • Check the changes in this PR to ensure they won't cause issues with your project.
  • This PR was automatically created by Snyk using the credentials of a real user.
  • Max score is 1000. Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

…1 to 2.18.2

Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.9.10.1 to 2.18.2.

See this package in maven:
com.fasterxml.jackson.core:jackson-databind

See this project in Snyk:
https://app.snyk.io/org/emptyvast/project/cd5d971a-65ca-429b-a6d6-a5ba8cefc050?utm_source=github&utm_medium=referral&page=upgrade-pr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants