Ask a Question

Cucumber messages next upgrade ( io.cucumber) and Jackson

Mm0001
Occasional Visitor

Cucumber messages next upgrade ( io.cucumber) and Jackson

Is a minor upgrade of io.cucumber:messages 18.0.0 possible upgrading jackson-databind to a non-vulnerable version. Currently its leveraging 2.13.2 which is flagged as vulnerable CVE-2020-36518 causing io.cucumber:messages to be flagged as vulnerable.

 

Maven Repository: io.cucumber » messages » 18.0.0 (mvnrepository.com)

0 REPLIES 0
cancel
Showing results for 
Search instead for 
Did you mean: