aboutsummaryrefslogtreecommitdiff
path: root/plugins/base/build.gradle.kts
diff options
context:
space:
mode:
authorRyan Lewis <ryan@rlew.io>2022-11-10 08:01:34 +0000
committerGitHub <noreply@github.com>2022-11-10 09:01:34 +0100
commit7c3b40397d5b5922f7ac03d1153163011b988610 (patch)
tree03e1c2e77d9919a6c88347a5a531918763fb0b7f /plugins/base/build.gradle.kts
parent631934363a02e06b5f7dcb7a8141223c6363f2bb (diff)
downloaddokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.gz
dokka-7c3b40397d5b5922f7ac03d1153163011b988610.tar.bz2
dokka-7c3b40397d5b5922f7ac03d1153163011b988610.zip
Introduce jackson-databind constraint for 2.12.7.1 (#2733)
Fixes CVE-2022-42003
Diffstat (limited to 'plugins/base/build.gradle.kts')
-rw-r--r--plugins/base/build.gradle.kts6
1 files changed, 6 insertions, 0 deletions
diff --git a/plugins/base/build.gradle.kts b/plugins/base/build.gradle.kts
index 91684ece..93348ed7 100644
--- a/plugins/base/build.gradle.kts
+++ b/plugins/base/build.gradle.kts
@@ -11,6 +11,12 @@ dependencies {
val jackson_version: String by project
implementation("com.fasterxml.jackson.module:jackson-module-kotlin:$jackson_version")
+ val jackson_databind_version: String by project
+ constraints {
+ implementation("com.fasterxml.jackson.core:jackson-databind:$jackson_databind_version") {
+ because("CVE-2022-42003")
+ }
+ }
val freemarker_version: String by project
implementation("org.freemarker:freemarker:$freemarker_version")