[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.14.2 to 2.18.9#58
[Snyk] Security upgrade com.fasterxml.jackson.core:jackson-databind from 2.14.2 to 2.18.9#58benjaminhuo wants to merge 1 commit into
Conversation
The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-17457695
|
This upgrade of Jackson Databind from 2.14.2 to 2.18.9 is a minor version update but spans several feature releases, introducing new default behaviors that require verification. Key Changes and Potential Impacts:
Recommendation: Verify that your application's JSON payloads do not exceed the new default processing limits. If they do, you will need to configure a custom Source: Jackson 2.15 Release Notes, Jackson 2.16 Release Notes, Jackson 2.18 Release Notes
|
|
|
Snyk has created this PR to fix 1 vulnerabilities in the maven dependencies of this project.
Snyk changed the following file(s):
functions-framework-invoker/pom.xmlVulnerabilities that will be fixed with an upgrade:
SNYK-JAVA-COMFASTERXMLJACKSONCORE-17457695
2.14.2->2.18.9Proof of ConceptBreaking Change Risk
Important
Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.
For more information:
🧐 View latest project report
📜 Customise PR templates
🛠 Adjust project settings
📚 Read about Snyk's upgrade logic
Learn how to fix vulnerabilities with free interactive lessons:
🦉 Improperly Controlled Modification of Dynamically-Determined Object Attributes