Maven2 repository show the jackson verision is 2.9.9 which it has vulnerability issue
BoDING1007 opened this issue · comments
Hello, in our project whitesource scan, it is reporting 2.1.8 version is using jackson verision is 2.9.9 which it has vulnerability issue. I have checked your pom file, it seems you already update to the jackson verision 2.11.8. Do you know why Maven2 and git is different version declaration.
Any solution to avoid this inconsistency?