You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Following the link you've provided, it does not appear that any vulnerabilities are being highlighted in relation to the latest release of bugsnag-java, and it shows the SDK using v2.14.1 of jackson-databind rather than v2.12.6.1 as you mention.
The version of jackson-databind was bumped up in v3.7.0 to avoid these vulnerabilities, and so the SDK should no longer be using that version of jackson-databind. You can see the relevant PR here: #184
Current version of bugsnag deppends on jackson-databind with 2 vulnerabilities:
https://mvnrepository.com/artifact/com.bugsnag/bugsnag/3.6.4
Maybe it could be pumped?
The text was updated successfully, but these errors were encountered: