here is a vulnerability in jackson-databind 1.9.13,upgrade recommended

Open QiAnXinCodeSafe opened this issue 5 years ago • 0 comments

https://github.com/apache/submarine/blob/3041ef26ad04c0bddd2257a28694aa4e2b4cc837/pom.xml#L120

CVE-2017-15095 CVE-2018-7489 CVE-2019-14540 CVE-2019-16335 CVE-2019-17267 CVE-2019-14893 CVE-2018-5968 CVE-2019-10172 CVE-2018-1000873 Recommended upgrade version：

2.6.7.4

Dec 09 '20 09:12 QiAnXinCodeSafe