We have updated the
jackson-databind library in our Java SDKs due to a vulnerability reported recently. Please generate a new Java SDK from APIMatic to get the fix.
The following vulnerability, detailed in CVE-2019-16335, was reported in the version
2.9.9 of the
jackson-databind library that we were using:
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
com.fasterxml.jackson.core:jackson-databind needs to be updated to version
2.9.10. For example:
You can generate a new Java SDK from APIMatic to receive this fix.