Security scans report version of Jackson-dataformat-cobr 2.10.4

Jackson-dataformat-cobr 2.10.4 used by elasticsearch-x-content 7.9.x seems to have security issues:
CVE-2020-28491
CVE-2020-25649

Those issue seems to be fixed in later version of Jackson.
Is there an intention to upgrade jackson ? which version and when ?

1 Like

Welcome to our community! :smiley:

The best way to get some assistance with this is to check out Free and Open Search: The Creators of Elasticsearch, ELK & Kibana | Elastic