You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
External dependency: com.fasterxml.jackson.core:jackson-databind - https://github.com/FasterXML/jackson
Package details: General data-binding functionality for Jackson: works on core streaming API
Latest version: 2.17.1
License: Apache-2.0
Insights:
Frequent commits - New code commits are frequently being pushed
Historical CVEs - This package had at least two critical or high CVEs in two consecutive years
Has vulnerabilities - One or more vulnerabilities have been reported for this package
High EPSS - This package has one vulnerability that is highly likely to be exploited according to the EPSS algorithm
Exploit POC - This package has 5 vulnerabilities with proof of concept exploits.
July 1st 3 tix
Discovered on: Mar 10, 2024 15:57
Dependency: com.fasterxml.jackson.core:jackson-databind
Version:
Type: Direct
Introduced through:
Vulnerabilities
About this package:
External dependency: com.fasterxml.jackson.core:jackson-databind - https://github.com/FasterXML/jackson
Package details: General data-binding functionality for Jackson: works on core streaming API
Latest version: 2.17.1
License: Apache-2.0
Insights:
Remediation
Upgrade to com.fasterxml.jackson.core:jackson-databind@2.16.0:
View in Apiiro
The text was updated successfully, but these errors were encountered: