fix: updating libs for vulnerabilities (#43)

hypertrace · Feb 22, 2023 · b7bb3e7 · b7bb3e7
1 parent fc8737a
commit b7bb3e7
Showing 1 changed file with 2 additions and 6 deletions.
diff --git a/data-model/build.gradle.kts b/data-model/build.gradle.kts
@@ -16,12 +16,8 @@ dependencies {
     api("org.apache.commons:commons-compress:1.21") {
       because("Multiple vulnerabilities in avro-declared version")
     }
-    api("com.fasterxml.jackson.core:jackson-databind:2.13.2.2") {
-      because(
-        "Denial of Service (DoS) " +
-          "[High Severity][https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-2421244] in " +
-          "com.fasterxml.jackson.core:[email protected]"
-      )
+    api("com.fasterxml.jackson.core:jackson-databind:2.14.2") {
+      because("version 2.12.7.1 has a vulnerability https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-3038424")
     }
   }
   api("commons-codec:commons-codec:1.14")