We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
There was an error while loading. Please reload this page.
2 parents 419180c + f5a84a5 commit ce50e4cCopy full SHA for ce50e4c
release-notes/VERSION-2.x
@@ -166,6 +166,13 @@ No changes since 2.13.2.1 but fixed Gradle Module Metadata ("module.json")
166
via `AsNull`
167
- Add `mvnw` wrapper
168
169
+2.12.7.1 (12-Oct-2022)
170
+
171
+#3582: Add check in `BeanDeserializer._deserializeFromArray()` to prevent
172
+ use of deeply nested arrays [CVE-2022-42004]
173
+#3590: Add check in primitive value deserializers to avoid deep wrapper array
174
+ nesting wrt `UNWRAP_SINGLE_VALUE_ARRAYS` [CVE-2022-42003]
175
176
2.12.7 (26-May-2022)
177
178
#2816: Optimize UntypedObjectDeserializer wrt recursion [CVE-2020-36518]
0 commit comments