You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The logfast.core library seems to be now unmaintained (no release since 2015). Can it be removed or upgraded to another library? Alternatively the jackson-mapper-asl can possibly be excluded.
The text was updated successfully, but these errors were encountered:
tntim96
changed the title
Remove CVE-2023-39410 Vulnerability Due To logfast.core
Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl
Apr 10, 2024
The
logfast.core
library seems to be now unmaintained (no release since 2015). Can it be removed or upgraded to another library? Alternatively the jackson-mapper-asl can possibly be excluded.https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-mapper-asl/1.9.13
https://mvnrepository.com/artifact/com.github.lafa.logfast/logfast.core/1.0.6
mvn dependency:tree -Dverbose -Dincludes=org.codehaus.jackson:jackson-mapper-asl
...
[INFO] - com.yahoo.tagchowder:tagchowder.core:jar:2.0.27:compile
[INFO] - com.github.lafa.logfast:logfast.core:jar:1.0.6:compile
[INFO] - org.apache.avro:avro:jar:1.7.7:compile
[INFO] - org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile
The text was updated successfully, but these errors were encountered: