update jackson-databind to fix CVE-2020-36518

## Bug Report

### 1. Describe the bug

> jackson-databind is a data-binding package for the Jackson Data Processor. jackson-databind allows a Java stack overflow exception and denial of service via a large depth of nested objects. There is currently no workaround but a patch will be available in version 2.14.

CVE ID: CVE-2020-36518

### 2. Minimal reproduce step (Required)

N/A

### 3. What did you see instead (Required)

<img width="1244" alt="Screen Shot 2022-03-24 at 14 14 13" src="https://user-images.githubusercontent.com/5268763/159853808-2d85c4e3-d3f8-47f9-b73c-fc641897ef88.png">


### 4. What did you expect to see? (Required)


### 5. What is your Java Client and TiKV version? (Required)

- Client Java: latest(commit hash: 92fea3289a346a6ac68c089401596611471e90b2)
- TiKV: N/A


Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

update jackson-databind to fix CVE-2020-36518 #567

Bug Report

1. Describe the bug

2. Minimal reproduce step (Required)

3. What did you see instead (Required)

4. What did you expect to see? (Required)

5. What is your Java Client and TiKV version? (Required)

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

update jackson-databind to fix CVE-2020-36518 #567

Description

Bug Report

1. Describe the bug

2. Minimal reproduce step (Required)

3. What did you see instead (Required)

4. What did you expect to see? (Required)

5. What is your Java Client and TiKV version? (Required)

Metadata

Metadata

Assignees

Labels

Type

Projects

Milestone

Relationships

Development

Issue actions