[Tutorial] Resolving Jackson Databind security vulnerability, VULNDB-275302

December 15, 2021

The following tutorial will help you resolve the Jackson Databind security vulnerability in Spring Boot apps that use Maven. The vulnerability ID is VULNDB-275302 in Sysdig.

Sysdig recommends you downgrade Jackson Databind to version 2.9.10.8. If you tried downgrading to that version and then find your app all broken, then here’s a solution for you!

1.) Update the Jackson Databind library to be 2.13.0-rc2:

<dependency>
    <groupId>com.fasterxml.jackson.core</groupId>
    <artifactId>jackson-databind</artifactId>
    <version>2.13.0-rc2</version>
</dependency>

That’s it! The above should resolve VULNDB-275302.

Vector image provided by Vectorstock.

security vulnerability Spring Boot

[Tutorial] Resolving Jackson Databind security vulnerability, VULNDB-275302

You Might Also Like

[Tutorial] Securing your API using Auth0 and Lock

[Tutorial] Enable 2FA (two-factor authentication) in 10 easy steps for Facebook

[Tutorial] Create a microservices application architecture with Spring Boot and Spring Cloud – Part 3 – Discovery service

[Tutorial] Resolving Log4j security vulnerability in a Spring Boot app with Maven *Updated for 2.17.2*

Goodbye Drupal, hello WordPress!

[Tutorial] Resolving Log4j security vulnerability in a Spring Boot app with Maven Updated for 2.17.2