Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl

The `logfast.core` library seems to be now unmaintained (no release since 2015). Can it be removed or upgraded to another library? Alternatively the jackson-mapper-asl can possibly be excluded.

https://mvnrepository.com/artifact/org.codehaus.jackson/jackson-mapper-asl/1.9.13
https://mvnrepository.com/artifact/com.github.lafa.logfast/logfast.core/1.0.6

mvn dependency:tree -Dverbose -Dincludes=org.codehaus.jackson:jackson-mapper-asl
...
[INFO]    \- com.yahoo.tagchowder:tagchowder.core:jar:2.0.27:compile
[INFO]       \- com.github.lafa.logfast:logfast.core:jar:1.0.6:compile
[INFO]          \- org.apache.avro:avro:jar:1.7.7:compile
[INFO]             \- org.codehaus.jackson:jackson-mapper-asl:jar:1.9.13:compile

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Remove CVE-2023-39410 Vulnerability Due To jackson-mapper-asl #76

Description

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions