Update dependency com.fasterxml.jackson.core:jackson-databind to v2.18.9 (master)#16
Open
mend-for-github-com[bot] wants to merge 1 commit into
Mend for GitHub.com / WhiteSource Security Check
succeeded
Jul 14, 2026 in 1m 55s
Security Report
❗️Scan Incomplete: The scan completed with partial failure. The integration encountered issues with one or more projects in this repository, preventing their scan. The errors occurred in the following package managers: gradle. Consequently, there may be gaps in the coverage of open-source dependencies used in the repository.
Scan Details Report
gradle
/tmp/ws-scm/nexmo-java-code-snippets/build.gradle
| Step | Level | Description | Details |
|---|---|---|---|
| Preparing the project for scan | ⚠Warn | One or more of the dependencies are missing from the project | Failed to download the following dependencies: Unresolved dependencies in project "nexmo-java-code-snippets": 1. Dependency: "com.nexmo:com.nexmo:client:5.6.0"; Reason: Could not resolve com.nexmo:client:5.6.0. Required by: root project : 2. Dependency: "com.sparkjava:com.sparkjava:spark-core:2.6.0"; Reason: Could not resolve com.sparkjava:spark-core:2.6.0. Required by: root project : 3... |
https://vonagecc.jfrog.io/artifactory
| Step | Level | Description | Details |
|---|---|---|---|
| Checking registry connectivity | ⚠Warn | Problem occurred while connecting to the private registry host server, private registry returned 401 - Unauthorized | {"errors":[{"code":"UNAUTHORIZED","message":"Invalid token, parse"}]} |
https://vonagecc.jfrog.io/artifactory/maven
| Step | Level | Description | Details |
|---|---|---|---|
| Checking registry connectivity | ⚠Warn | Problem occurred while connecting to the private registry host server, private registry returned 401 - Unauthorized | {"errors":[{"code":"UNAUTHORIZED","message":"Invalid token, parse"}]} |
✔️ 👍 You have successfully remediated 97 vulnerabilities in this branch:
| Vulnerability | Vulnerable Library |
|---|---|
| CVE-2026-2332 | jetty-http-9.4.4.v20170414.jar |
| CVE-2020-14061 | jackson-databind-2.9.9.jar |
| CVE-2020-36182 | jackson-databind-2.9.9.jar |
| CVE-2019-10241 | jetty-servlet-9.4.4.v20170414.jar |
| CVE-2023-26049 | jetty-http-9.4.4.v20170414.jar |
| CVE-2020-36184 | jackson-databind-2.9.9.jar |
| CVE-2024-6763 | jetty-http-9.4.4.v20170414.jar |
| CVE-2023-36478 | jetty-http-9.4.4.v20170414.jar |
| CVE-2020-11111 | jackson-databind-2.9.9.jar |
| CVE-2022-2047 | jetty-client-9.4.4.v20170414.jar |
| CVE-2020-29582 | kotlin-stdlib-1.3.31.jar |
| CVE-2022-42004 | jackson-databind-2.9.9.jar |
| CVE-2020-36180 | jackson-databind-2.9.9.jar |
| CVE-2025-11143 | jetty-http-9.4.4.v20170414.jar |
| CVE-2018-12536 | jetty-servlet-9.4.4.v20170414.jar |
| CVE-2026-54514 | jackson-databind-2.9.9.jar |
| CVE-2019-10241 | jetty-util-9.4.4.v20170414.jar |
| CVE-2020-10672 | jackson-databind-2.9.9.jar |
| CVE-2025-52999 | jackson-core-2.9.9.jar |
| CVE-2022-2047 | jetty-http-9.4.4.v20170414.jar |
| CVE-2019-14892 | jackson-databind-2.9.9.jar |
| CVE-2020-11113 | jackson-databind-2.9.9.jar |
| CVE-2020-14195 | jackson-databind-2.9.9.jar |
| CVE-2020-36187 | jackson-databind-2.9.9.jar |
| CVE-2017-7656 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-8840 | jackson-databind-2.9.9.jar |
| CVE-2018-12538 | jetty-server-9.4.4.v20170414.jar |
| CVE-2021-29425 | commons-io-2.5.jar |
| CVE-2024-8184 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-27216 | jetty-webapp-9.4.4.v20170414.jar |
| CVE-2018-12545 | jetty-server-9.4.4.v20170414.jar |
| CVE-2017-7657 | jetty-http-9.4.4.v20170414.jar |
| CVE-2017-7656 | jetty-http-9.4.4.v20170414.jar |
| CVE-2021-20190 | jackson-databind-2.9.9.jar |
| CVE-2018-12536 | jetty-util-9.4.4.v20170414.jar |
| CVE-2020-10673 | jackson-databind-2.9.9.jar |
| CVE-2023-26048 | jetty-server-9.4.4.v20170414.jar |
| CVE-2019-14540 | jackson-databind-2.9.9.jar |
| CVE-2021-34428 | jetty-server-9.4.4.v20170414.jar |
| CVE-2019-20330 | jackson-databind-2.9.9.jar |
| CVE-2025-48924 | commons-lang3-3.5.jar |
| CVE-2022-2047 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-10968 | jackson-databind-2.9.9.jar |
| CVE-2020-36186 | jackson-databind-2.9.9.jar |
| CVE-2020-36181 | jackson-databind-2.9.9.jar |
| CVE-2024-47554 | commons-io-2.5.jar |
| CVE-2019-16943 | jackson-databind-2.9.9.jar |
| CVE-2020-13956 | httpclient-4.5.8.jar |
| CVE-2021-28169 | jetty-server-9.4.4.v20170414.jar |
| CVE-2017-9735 | jetty-util-9.4.4.v20170414.jar |
| CVE-2017-7658 | jetty-http-9.4.4.v20170414.jar |
| CVE-2020-36183 | jackson-databind-2.9.9.jar |
| CVE-2021-28165 | jetty-server-9.4.4.v20170414.jar |
| CVE-2019-16942 | jackson-databind-2.9.9.jar |
| CVE-2020-14060 | jackson-databind-2.9.9.jar |
| CVE-2020-11112 | jackson-databind-2.9.9.jar |
| CVE-2020-35728 | jackson-databind-2.9.9.jar |
| CVE-2020-9546 | jackson-databind-2.9.9.jar |
| CVE-2020-14062 | jackson-databind-2.9.9.jar |
| CVE-2019-10241 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-27218 | jetty-server-9.4.4.v20170414.jar |
| CVE-2019-10246 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-35490 | jackson-databind-2.9.9.jar |
| CVE-2020-36185 | jackson-databind-2.9.9.jar |
| CVE-2020-10969 | jackson-databind-2.9.9.jar |
| CVE-2023-26049 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-36179 | jackson-databind-2.9.9.jar |
| CVE-2021-28169 | jetty-http-9.4.4.v20170414.jar |
| CVE-2024-6763 | jetty-server-9.4.4.v20170414.jar |
| WS-2026-0003 | jackson-core-2.9.9.jar |
| CVE-2020-10650 | jackson-databind-2.9.9.jar |
| CVE-2019-12814 | jackson-databind-2.9.9.jar |
| CVE-2020-24750 | jackson-databind-2.9.9.jar |
| WS-2019-0379 | commons-codec-1.11.jar |
| CVE-2022-24329 | kotlin-stdlib-1.3.31.jar |
| CVE-2020-9548 | jackson-databind-2.9.9.jar |
| CVE-2017-9735 | jetty-server-9.4.4.v20170414.jar |
| CVE-2017-7657 | jetty-server-9.4.4.v20170414.jar |
| CVE-2018-12536 | jetty-server-9.4.4.v20170414.jar |
| WS-2023-0236 | jetty-xml-9.4.4.v20170414.jar |
| CVE-2026-6790 | jetty-server-9.4.4.v20170414.jar |
| CVE-2020-36188 | jackson-databind-2.9.9.jar |
| CVE-2020-24616 | jackson-databind-2.9.9.jar |
| CVE-2020-11619 | jackson-databind-2.9.9.jar |
| CVE-2024-13009 | jetty-server-9.4.4.v20170414.jar |
| WS-2022-0468 | jackson-core-2.9.9.jar |
| CVE-2019-17267 | jackson-databind-2.9.9.jar |
| CVE-2025-49128 | jackson-core-2.9.9.jar |
| CVE-2020-9547 | jackson-databind-2.9.9.jar |
| CVE-2020-35491 | jackson-databind-2.9.9.jar |
| CVE-2023-40167 | jetty-http-9.4.4.v20170414.jar |
| CVE-2021-28165 | jetty-io-9.4.4.v20170414.jar |
| CVE-2022-42003 | jackson-databind-2.9.9.jar |
| CVE-2020-36189 | jackson-databind-2.9.9.jar |
| CVE-2020-11620 | jackson-databind-2.9.9.jar |
| CVE-2020-25649 | jackson-databind-2.9.9.jar |
| CVE-2026-54515 | jackson-databind-2.9.9.jar |
Base branch total remaining vulnerabilities: 97
Base branch commit: null
Total libraries scanned: 4
Scan token: dbeeced4d511446b8fcb433ae6c1659a
Loading