[Snyk] Fix for 1 vulnerabilities #1101

snyk-bot · 2020-05-30T02:59:53Z

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Changes to the following files to upgrade the vulnerable dependencies to a fixed version:
- pom.xml
- ArgusCore/pom.xml

Vulnerabilities that will be fixed

With an upgrade:

Severity	Issue	Upgrade	Breaking Change	Exploit Maturity
	Deserialization of Untrusted Data SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625	`com.fasterxml.jackson.core:jackson-databind:` `2.9.5 -> 2.10.0` `org.apache.kafka:kafka_2.11:` `2.1.1 -> 2.2.2`	No	No Known Exploit

Check the changes in this PR to ensure they won't cause issues with your project.

Note: You are seeing this because you or someone else with access to this repository has authorized Snyk to open fix PRs.

For more information:
🧐 View latest project report

🛠 Adjust project settings

📚 Read more about Snyk's upgrade and patch logic

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625

fix: pom.xml & ArgusCore/pom.xml to reduce vulnerabilities

7e7f3cc

The following vulnerabilities are fixed with an upgrade: - https://snyk.io/vuln/SNYK-JAVA-COMFASTERXMLJACKSONCORE-570625

salesforce-cla bot added the cla:signed label May 30, 2020

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

[Snyk] Fix for 1 vulnerabilities #1101

[Snyk] Fix for 1 vulnerabilities #1101

snyk-bot commented May 30, 2020

[Snyk] Fix for 1 vulnerabilities #1101

Are you sure you want to change the base?

[Snyk] Fix for 1 vulnerabilities #1101

Conversation

snyk-bot commented May 30, 2020

Snyk has created this PR to fix one or more vulnerable packages in the `maven` dependencies of this project.

Changes included in this PR

Vulnerabilities that will be fixed

With an upgrade: