jackson-mapper-asl is vulnerable
lokendra2211 opened this issue · 3 comments
lokendra2211 commented
hi team
we are using force-Wsc.48 which is having dependency in jackson-mapper-asl 1.9.13 and our security team found that jackson-mapper-asl is vulnerable. so can you please update this dependency with jackson-databind 2.10.1.
NOTE:please find the attached
DetailedReport_Connectors_20_Jan_2020.pdf
report for the jackson-mapper-asl jar
thanks and regards
Lokendra
mbenoit99 commented
+1 for fixing this.
https://snyk.io/vuln/SNYK-JAVA-ORGCODEHAUSJACKSON-534878
jyothsna-smax commented
Any update on this?
mgrumbach commented
Fix has been published in WSC 49.2.0.