Several net new CVEs were raised against jackson-databind 2.9.10.
CVE-2019-16942
CVE-2019-16943
2.9.10.1 is released, which I believe addresses these two CVEs.
- is related to
-
HADOOP-16803 Upgrade jackson-databind to 2.9.10.2
-
- Resolved
-