[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0 #8

snyk-bot · 2021-12-15T18:35:22Z

Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.

The recommended version is 125 versions ahead of your current version.
The recommended version was released 2 months ago, on 2021-09-30.

The recommended version fixes:

Issue	PriorityScore (*)	Exploit Maturity
XML External Entity (XXE) Injection SNYK-JAVA-COMFASTERXMLJACKSONDATAFORMAT-30242	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72884	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72883	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72882	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72447	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72446	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-72445	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015	640/1000 Why? Has a fix available, CVSS 9.8	Mature
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917	640/1000 Why? Has a fix available, CVSS 9.8	Mature
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-32044	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-32043	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-31573	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-31507	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588	640/1000 Why? Has a fix available, CVSS 9.8	Proof of Concept
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit
Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829	640/1000 Why? Has a fix available, CVSS 9.8	No Known Exploit

(*) Note that the real score may have changed since the PR was raised.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

…o 2.13.0 Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0. See this package in Maven Repository: https://mvnrepository.com/artifact/com.fasterxml.jackson.core/jackson-databind/ See this project in Snyk: https://app.snyk.io/org/andird/project/153eb5c3-41e3-4e9d-bc1b-73d5a32c1bd8?utm_source=github&utm_medium=referral&page=upgrade-pr

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0 #8

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0 #8

Uh oh!

snyk-bot commented Dec 15, 2021

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0 #8

Are you sure you want to change the base?

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0 #8

Uh oh!

Conversation

snyk-bot commented Dec 15, 2021

Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.4.2 to 2.13.0.

Uh oh!

Reviewers

Assignees

Labels

Projects

Milestone

Development

Uh oh!

2 participants