Hi,
I am trying to build my project with maven using:
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
But I got this error, when I build the project with dependency-check-maven plugin
One or more dependencies were identified with known vulnerabilities in Project:
jackson-databind-2.9.6.jar (cpe:/a:fasterxml:jackson-databind:2.9.6, com.fasterxml.jackson.core:jackson-databind:2.9.6, cpe:/a:fasterxml:jackson:2.9.6) : CVE-2018-14720, CVE-2018-19360, CVE-2018-14721, CVE-2018-19361, CVE-2019-12086, CVE-2018-19362, CVE-2018-14719,
CVE-2018-1000873
jackson-databind-2.9.9 should fix this.