Skip to content

Upgrade Jackson dependencies to 2.22.0 to address known security vulnerabilities #768

Description

@souravpattnaik431

The SDK currently depends on Jackson 2.21.x components, for example:

  • com.fasterxml.jackson.core:jackson-annotations
  • com.fasterxml.jackson.core:jackson-databind
  • com.fasterxml.jackson.core:jackson-core
  • com.fasterxml.jackson.datatype:jackson-datatype-jdk8
  • com.fasterxml.jackson.datatype:jackson-datatype-jsr310
  • com.fasterxml.jackson.module:jackson-module-kotlin

2.21.4 has
Direct vulnerabilities:
CVE-2026-54515
Vulnerabilities from dependencies:
CVE-2026-24400

Please upgrade the Jackson dependencies to 2.22.0

References

Metadata

Metadata

Assignees

No one assigned

    Labels

    No labels
    No labels

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions