OpenAPITools/jackson-databind-nullable

Fix CVE-2022-42003

animalet opened this issue 2 years ago · 4 comments

animalet commented 2 years ago

jackson-databind 12.3 is affected by a security vulnerability. Upgrade to 2.14 fixes this.
https://www.cve.org/CVERecord?id=CVE-2022-42003

animalet commented 2 years ago

@wing328 Is there an ETA for the release?

wing328 commented 2 years ago

I'll try to do it this weekend.

animalet commented 2 years ago

Thx!

wing328 commented 2 years ago

Released: https://central.sonatype.dev/artifact/org.openapitools/jackson-databind-nullable/0.2.4

🎉1
❤️1