Skip to content

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.16.2 #8

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
mend-for-github-com wants to merge 1 commit into
base: main
Choose a base branch
from

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.16.2

ac6c127
Select commit
Loading
Failed to load commit list.
Open

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.16.2 #8

Update dependency com.fasterxml.jackson.core:jackson-databind to v2.16.2
ac6c127
Select commit
Loading
Failed to load commit list.
Mend for GitHub.com / Mend Security Check failed Mar 19, 2026 in 3m 50s

Security Report

You have successfully remediated 14 vulnerabilities, but introduced 3 new vulnerabilities in this branch.

❌ New vulnerabilities:

Vulnerability Severity CVSS Score Vulnerable Library Direct Library Suggested Fix Issue Reachability
WS-2026-0003

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.16.2/b4f588bf070f77b604c645a7d60b71eae2e6ea09/jackson-core-2.16.2.jar

Dependency Hierarchy:

-> jackson-datatype-jsr310-2.16.2.jar (Root Library)

   -> ❌ jackson-core-2.16.2.jar (Vulnerable Library)

High 7.5 Transitive jackson-core-2.16.2.jar jackson-datatype-jsr310-2.16.2.jar Transitive 2.18.6 None

Reachable
WS-2026-0003

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.16.2/b4f588bf070f77b604c645a7d60b71eae2e6ea09/jackson-core-2.16.2.jar

Dependency Hierarchy:

-> jackson-databind-2.16.2.jar (Root Library)

   -> ❌ jackson-core-2.16.2.jar (Vulnerable Library)

High 7.5 Transitive jackson-core-2.16.2.jar jackson-databind-2.16.2.jar Transitive 2.18.6 None

Reachable
WS-2026-0003

Path to dependency file: /build.gradle

Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.16.2/b4f588bf070f77b604c645a7d60b71eae2e6ea09/jackson-core-2.16.2.jar

Dependency Hierarchy:

-> jackson-dataformat-hal-1.0.9.jar (Root Library)

   -> jackson-jaxrs-json-provider-2.16.2.jar

     -> jackson-module-jaxb-annotations-2.16.2.jar

       -> ❌ jackson-core-2.16.2.jar (Vulnerable Library)

High 7.5 Transitive jackson-core-2.16.2.jar jackson-dataformat-hal-1.0.9.jar Transitive 2.18.6 None

Reachable

✔️ Remediated vulnerabilities:

Vulnerability Vulnerable Library
CVE-2024-38809 spring-web-5.3.26.jar
CVE-2025-52999 jackson-core-2.14.2.jar
CVE-2024-22243 spring-web-5.3.26.jar
CVE-2016-1000027 spring-web-5.3.26.jar
CVE-2024-22259 spring-web-5.3.26.jar
CVE-2024-38820 spring-core-5.3.26.jar
CVE-2024-38828 spring-core-5.3.26.jar
CVE-2024-22262 spring-web-5.3.26.jar
CVE-2025-41249 spring-core-5.3.26.jar
CVE-2024-38820 spring-web-5.3.26.jar
CVE-2025-41242 spring-beans-5.3.26.jar
WS-2022-0468 jackson-core-2.14.2.jar
WS-2026-0003 jackson-core-2.14.2.jar
CVE-2024-38828 spring-web-5.3.26.jar

Base branch total remaining vulnerabilities: 14
Base branch commit: 89b37d51a7fbf5c1936c9567e03ec2bb2560366b


Total libraries scanned: 34

Scan token: 39e957079412445f96730d83acdf18e9

View more details on Mend for GitHub.com