The SDK currently depends on Jackson 2.21.x components, for example:
com.fasterxml.jackson.core:jackson-annotations
com.fasterxml.jackson.core:jackson-databind
com.fasterxml.jackson.core:jackson-core
com.fasterxml.jackson.datatype:jackson-datatype-jdk8
com.fasterxml.jackson.datatype:jackson-datatype-jsr310
com.fasterxml.jackson.module:jackson-module-kotlin
2.21.4 has
Direct vulnerabilities:
CVE-2026-54515
Vulnerabilities from dependencies:
CVE-2026-24400
Please upgrade the Jackson dependencies to 2.22.0
References
The SDK currently depends on Jackson 2.21.x components, for example:
com.fasterxml.jackson.core:jackson-annotationscom.fasterxml.jackson.core:jackson-databindcom.fasterxml.jackson.core:jackson-corecom.fasterxml.jackson.datatype:jackson-datatype-jdk8com.fasterxml.jackson.datatype:jackson-datatype-jsr310com.fasterxml.jackson.module:jackson-module-kotlin2.21.4 has
Direct vulnerabilities:
CVE-2026-54515
Vulnerabilities from dependencies:
CVE-2026-24400
Please upgrade the Jackson dependencies to 2.22.0
References