Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Snyk] Upgrade com.fasterxml.jackson.core:jackson-databind from 2.6.5 to 2.16.1 #105

Open
wants to merge 1 commit into
base: main
Choose a base branch
from

Conversation

ericsmalling
Copy link
Owner

This PR was automatically created by Snyk using the credentials of a real user.


Snyk has created this PR to upgrade com.fasterxml.jackson.core:jackson-databind from 2.6.5 to 2.16.1.

ℹ️ Keep your dependencies up-to-date. This makes it easier to fix existing vulnerabilities and to more quickly identify and fix newly disclosed vulnerabilities when they affect your project.


  • The recommended version is 132 versions ahead of your current version.
  • The recommended version was released a month ago, on 2023-12-24.

The recommended version fixes:

Severity Issue PriorityScore (*) Exploit Maturity
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467016
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469674
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31573
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72882
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-608664
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1009829
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056417
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72883
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32043
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72445
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72446
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1047324
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
XML External Entity (XXE) Injection
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1048302
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056418
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056419
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72884
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32044
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-32111
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-469676
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-471943
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-472980
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-540500
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052449
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1052450
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056420
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559094
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1054588
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056414
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056416
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056421
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056424
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056425
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056426
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1056427
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-1061931
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-559106
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560762
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-560766
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561362
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561373
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561585
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561586
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-561587
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-174736
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-31507
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72447
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72448
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72449
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72450
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-72451
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-548451
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450917
563/1000
Why? Has a fix available, CVSS 8.1
Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-455617
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467014
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-467015
563/1000
Why? Has a fix available, CVSS 8.1
Mature
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564887
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-564888
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572300
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572314
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-572316
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-6056407
563/1000
Why? Has a fix available, CVSS 8.1
No Known Exploit
Deserialization of Untrusted Data
SNYK-JAVA-COMFASTERXMLJACKSONCORE-450207
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept
Denial of Service (DoS)
SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038426
563/1000
Why? Has a fix available, CVSS 8.1
Proof of Concept

(*) Note that the real score may have changed since the PR was raised.


Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open upgrade PRs.

For more information:

🧐 View latest project report

🛠 Adjust upgrade PR settings

🔕 Ignore this dependency or unsubscribe from future upgrade PRs

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

Successfully merging this pull request may close these issues.

2 participants