druid

History

Tejaswini Bandlamudi 550a66d71e Upgrade jackson-databind to 2.12.7 (#14770 ) The current version of jackson-databind is flagged for vulnerabilities CVE-2020-28491 (Although cbor format is not used in druid), CVE-2020-36518 (Seems genuine as deeply nested json in can cause resource exhaustion). Updating the dependency to the latest version 2.12.7 to fix these vulnerabilities.	2023-08-09 12:22:16 +05:30
..
src	Upgrade jackson-databind to 2.12.7 (#14770 )	2023-08-09 12:22:16 +05:30
pom.xml	Upgrade jackson-databind to 2.12.7 (#14770 )	2023-08-09 12:22:16 +05:30

Tejaswini Bandlamudi 550a66d71e

Upgrade jackson-databind to 2.12.7 (#14770 )

The current version of jackson-databind is flagged for vulnerabilities CVE-2020-28491 (Although cbor format is not used in druid), CVE-2020-36518 (Seems genuine as deeply nested json in can cause resource exhaustion). Updating the dependency to the latest version 2.12.7 to fix these vulnerabilities.

2023-08-09 12:22:16 +05:30

src

Upgrade jackson-databind to 2.12.7 (#14770 )

2023-08-09 12:22:16 +05:30

pom.xml

Upgrade jackson-databind to 2.12.7 (#14770 )

2023-08-09 12:22:16 +05:30