On Thu, Oct 27, 2022 at 3:43 AM Payyavula, Manjula Vani via dev <dev@httpd.apache.org> wrote: > > Hi Team, > > Please reply to my below query. > We are using FasterXML jackson-databind version 2.13.3 but facing > vulnerabilities like CVE-2022-42003 > So we have used FasterXML jackson-databind version 2.14.0-rc1but > vulnerabilities hasn't fixed. > Latest release 2.14.0-rc2 will have fix for these vulnerabilities? > > Team, could you please let us know when/which version of future releases > these vulnerabilities will have fixed.
Doesn't sound like a problem for dev@httpd.apache.org