Description
A Polymorphic Typing issue was discovered in FasterXML jackson-databind before 2.9.10. It is related to com.zaxxer.hikari.HikariDataSource. This is a different vulnerability than CVE-2019-14540.
Mitigation
*Update*: As of version 2.10.0, Jackson now provides a safe default typing solution that fully mitigates this vulnerability.
Reference: [https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2](https://medium.com/@cowtowncoder/jackson-2-10-features-cd880674d8a2)
We recommend upgrading to a version of this component that is not vulnerable to this specific issue.