Skip to content

Commit

Permalink
Fix: updated jackson-databind to 2.10.0.pr3 to block CVE-2020-25649
Browse files Browse the repository at this point in the history 
## Changes
 Version bump of jackson-databind to 2.11.0

## References: 
 [CVE-2020-25649](https://bugzilla.redhat.com/show_bug.cgi?id=1887664)
  • Loading branch information
@darveshsingh @lbalmaceda
darveshsingh authored and lbalmaceda committed Jan 20, 2021
1 parent 6b80254 commit 63812af
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion lib/build.gradle
View file
Original file line number Diff line number Diff line change
Expand Up @@ -41,7 +41,7 @@ compileJava {
}

dependencies {
implementation 'com.fasterxml.jackson.core:jackson-databind:2.10.5.1'
implementation 'com.fasterxml.jackson.core:jackson-databind:2.11.0'
implementation 'commons-codec:commons-codec:1.14'
testImplementation 'org.bouncycastle:bcprov-jdk15on:1.60'
testImplementation 'junit:junit:4.12'
Expand Down

0 comments on commit 63812af

Please sign in to comment.