From 25bf7bd4e51e8260e3274251bbd4c8fd1c9af7ae Mon Sep 17 00:00:00 2001 From: Felix Dittrich Date: Mon, 19 Jun 2023 12:07:03 +0200 Subject: [PATCH] Update Jackson --- owasp/suppressions.xml | 8 ++++++++ pom.xml | 23 +++++++++++++++++++++++ 2 files changed, 31 insertions(+) diff --git a/owasp/suppressions.xml b/owasp/suppressions.xml index 3fd8b02..5ff56ad 100644 --- a/owasp/suppressions.xml +++ b/owasp/suppressions.xml @@ -4,4 +4,12 @@ no YAML content from users is parsed within this service CVE-2022-1471 + + False positive + CVE-2022-45688 + + + No fix available, still analyzed + CVE-2023-35116 + diff --git a/pom.xml b/pom.xml index e60a8b3..77878df 100644 --- a/pom.xml +++ b/pom.xml @@ -87,6 +87,17 @@ org.springframework.cloud spring-cloud-starter-openfeign + + + commons-fileupload + commons-fileupload + + + + + commons-fileupload + commons-fileupload + 1.5 io.github.openfeign @@ -120,10 +131,22 @@ com.fasterxml.jackson.core jackson-databind + 2.15.2 + + + com.fasterxml.jackson.core + jackson-core + 2.15.2 com.fasterxml.jackson.datatype jackson-datatype-jsr310 + 2.15.2 + + + com.fasterxml.jackson.core + jackson-annotations + 2.15.2 org.springframework.boot