Forum Discussion
No RepliesBe the first to reply
Related Content
- 12 months ago
Is a minor upgrade of io.cucumber:messages 18.0.0 possible upgrading jackson-databind to a non-vulnerable version. Currently its leveraging 2.13.2 which is flagged as vulnerable CVE-2020-36518 causing io.cucumber:messages to be flagged as vulnerable.
Maven Repository: io.cucumber » messages » 18.0.0 (mvnrepository.com)