- changed status to resolved
CVEs reported in Maven central - Update fasterxml databind version to 2.14.0-rc1 or above
Issue #398
resolved
https://mvnrepository.com/artifact/com.atlassian.oai/swagger-request-validator/2.30.0 lists three CVE security issues - two of which can be easily removed with an override of FasterXML jackson-databind version to 2.140-rc1 or above. A quick minor release for this would allow teams to easily uptake this great library, without having to go through a lot of security considerations.
Comments (1)
-
- Log in to comment
Available in v2.31.0