Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

tntim96 · 2024-04-10T21:45:53Z

The logfast.core library seems to be now unmaintained (no release since 2015). Can it be removed or upgraded to another library? Alternatively the jackson-mapper-asl can possibly be excluded.

https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-mapper-asl/1.9.13
https://mvnrepository.com/artifact/com.github.lafa.logfast/logfast.core/1.0.6

mvn dependency:tree -Dverbose -Dincludes=org.codehaus.jackson:jackson-mapper-asl
...
[INFO] - com.yahoo.tagchowder:tagchowder.core:jar:2.0.27:compile
[INFO] - com.github.lafa.logfast:logfast.core:jar:1.0.6:compile
[INFO] - org.apache.avro:avro:jar:1.7.7:compile
[INFO] - org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile

The text was updated successfully, but these errors were encountered:

tntim96 changed the title ~~Remove CVE-2023-39410 Vulnerability Due To logfast.core~~ Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl Apr 10, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

tntim96 commented Apr 10, 2024 •

edited

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

Comments

tntim96 commented Apr 10, 2024 • edited

tntim96 commented Apr 10, 2024 •

edited