Skip to content

Commit

Permalink
Update jackson to 2.18.1 (#9456) (#9467)
Browse files Browse the repository at this point in the history
  • Loading branch information
barchetta authored Nov 4, 2024
1 parent cd11f2d commit 9a752ad
Show file tree
Hide file tree
Showing 2 changed files with 1 addition and 17 deletions.
2 changes: 1 addition & 1 deletion dependencies/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -68,7 +68,7 @@
<version.lib.hibernate-validator>7.0.5.Final</version.lib.hibernate-validator>
<version.lib.hikaricp>5.0.1</version.lib.hikaricp>
<version.lib.hystrix>1.5.18</version.lib.hystrix>
<version.lib.jackson>2.15.2</version.lib.jackson>
<version.lib.jackson>2.18.1</version.lib.jackson>
<version.lib.jakarta.activation-api>2.1.3</version.lib.jakarta.activation-api>
<version.lib.jakarta.annotation-api>2.1.1</version.lib.jakarta.annotation-api>
<version.lib.jakarta.cdi-api>4.0.1</version.lib.jakarta.cdi-api>
Expand Down
16 changes: 0 additions & 16 deletions etc/dependency-check-suppression.xml
Original file line number Diff line number Diff line change
Expand Up @@ -45,22 +45,6 @@
<vulnerabilityName>CVE-2021-26291</vulnerabilityName>
</suppress>

<!--
This CVE is being disputed by the Jackson project and the community seems in agreement that this
CVE should be rejected. We are suppressing this for now to reduce noise in our scan and will
continue to monitor progress.
https://nvd.nist.gov/vuln/detail/CVE-2023-35116
https://github.com/FasterXML/jackson-databind/issues/3972
-->
<suppress>
<notes><![CDATA[
file name: jackson-databind-2.15.2.jar
]]></notes>
<packageUrl regex="true">^pkg:maven/com\.fasterxml\.jackson\.core/jackson\-databind@.*$</packageUrl>
<cve>CVE-2023-35116</cve>
</suppress>

<!-- False Positive. This does not apply to server Java deployment and certainly not to our use of graalvm SDK.
This vulnerability applies to Java deployments, typically in clients running sandboxed
Java Web Start applications or sandboxed Java applets, that load and run untrusted code
Expand Down

0 comments on commit 9a752ad

Please sign in to comment.