Update dependency com.fasterxml.jackson.core:jackson-databind to v2.12.7.1 (master) #12
Security Report
❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.
❌ New vulnerabilities:
| Vulnerability | Severity |  CVSS Score |
Exploit Maturity | EPSS | Vulnerable Library | Direct Library | Suggested Fix | Issue | Reachability |
|---|---|---|---|---|---|---|---|---|---|
WS-2022-0468Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.12.7/4669a54b799c105572aa8de2a1ae0fe64a17745/jackson-core-2.12.7.jar Dependency Hierarchy: -> jackson-databind-2.12.7.1.jar (Root Library) -> ❌ jackson-core-2.12.7.jar (Vulnerable Library) |
 High |
7.5 | Not Defined | Transitive jackson-core-2.12.7.jar |
jackson-databind-2.12.7.1.jar | Transitive 2.15.0-rc1 |
None | ||
CVE-2025-52999Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.12.7/4669a54b799c105572aa8de2a1ae0fe64a17745/jackson-core-2.12.7.jar Dependency Hierarchy: -> jackson-databind-2.12.7.1.jar (Root Library) -> ❌ jackson-core-2.12.7.jar (Vulnerable Library) |
High |
7.5 | Not Defined | 0.0% | Transitive jackson-core-2.12.7.jar |
jackson-databind-2.12.7.1.jar | Transitive 2.15.0 |
None | |
CVE-2025-49128Path to dependency file: /build.gradle Path to vulnerable library: /tmp/containerbase/cache/.gradle/caches/modules-2/files-2.1/com.fasterxml.jackson.core/jackson-core/2.12.7/4669a54b799c105572aa8de2a1ae0fe64a17745/jackson-core-2.12.7.jar Dependency Hierarchy: -> jackson-databind-2.12.7.1.jar (Root Library) -> ❌ jackson-core-2.12.7.jar (Vulnerable Library) |
 Medium |
4.0 | Not Defined | 0.0% | Transitive jackson-core-2.12.7.jar |
jackson-databind-2.12.7.1.jar | Transitive https://github.com/FasterXML/jackson-core.git - jackson-core-2.13.0-rc1 |
None |
✔️ Remediated vulnerabilities:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2020-14061 | jackson-databind-2.9.9.jar |
| CVE-2019-16942 | jackson-databind-2.9.9.jar |
| CVE-2020-14060 | jackson-databind-2.9.9.jar |
| CVE-2020-11112 | jackson-databind-2.9.9.jar |
| CVE-2020-14062 | jackson-databind-2.9.9.jar |
| CVE-2020-11111 | jackson-databind-2.9.9.jar |
| CVE-2022-42004 | jackson-databind-2.9.9.jar |
| CVE-2020-10969 | jackson-databind-2.9.9.jar |
| CVE-2020-10650 | jackson-databind-2.9.9.jar |
| CVE-2020-10672 | jackson-databind-2.9.9.jar |
| CVE-2019-12814 | jackson-databind-2.9.9.jar |
| CVE-2025-52999 | jackson-core-2.9.9.jar |
| CVE-2019-14892 | jackson-databind-2.9.9.jar |
| CVE-2020-11113 | jackson-databind-2.9.9.jar |
| CVE-2020-14195 | jackson-databind-2.9.9.jar |
| CVE-2020-11619 | jackson-databind-2.9.9.jar |
| WS-2022-0468 | jackson-core-2.9.9.jar |
| CVE-2020-10673 | jackson-databind-2.9.9.jar |
| CVE-2019-14540 | jackson-databind-2.9.9.jar |
| CVE-2019-20330 | jackson-databind-2.9.9.jar |
| CVE-2019-17267 | jackson-databind-2.9.9.jar |
| CVE-2025-49128 | jackson-core-2.9.9.jar |
| CVE-2020-10968 | jackson-databind-2.9.9.jar |
| CVE-2022-42003 | jackson-databind-2.9.9.jar |
| CVE-2019-16943 | jackson-databind-2.9.9.jar |
| CVE-2020-11620 | jackson-databind-2.9.9.jar |
Base branch total remaining vulnerabilities: 66
Base branch commit: null
Total libraries scanned: 45
Scan token: 48048e36503e42bfb6fd1bb564501318