'CVE-2020-36518 : Unable to resolve WhiteSource vulnerability for jackson-databind library
I have tried all the versions of jackson-databind (including version suggested on whitesource fix), but all the version for jackson-databind showing vulnerability on whitesource scan.
Below is the description of the issue and we can also see the WhiteSource Note :
Can someone help me here to resolve this?
Note: I am using jackson-databind dependency so can not exclude it in pom.xml
Solution 1:[1]
The fix for it on the way. Thanks to the open source community. In mean time if there is possibility of a waiver, please request from your vendor.
More details can be found at https://github.com/FasterXML/jackson-databind/issues/2816
Sources
This article follows the attribution requirements of Stack Overflow and is licensed under CC BY-SA 3.0.
Source: Stack Overflow
| Solution | Source |
|---|---|
| Solution 1 | pred |