Vulnerability fix for jackson databind
Closed this issue · 1 comments
dk1844 commented
Current versions of Jason databind are affected by a number of direct vulnerabilities.
CVE-2022-42004
CVE-2022-42003
CVE-2020-36518
See e.g. https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind/2.12.3 for overview
Related to #145 that suggests a version update for Spark2 version