Skip to content

fix(deps): vuln com.fasterxml.jackson.core:jackson-core (minor → 2.22.0) #3997

Closed
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/minorpatch/maven/2-1781556596
Closed

fix(deps): vuln com.fasterxml.jackson.core:jackson-core (minor → 2.22.0) #3997
gh-worker-campaigns-3e9aa4[bot] wants to merge 1 commit into
masterfrom
engraver-auto-version-upgrade/minorpatch/maven/2-1781556596

Conversation

@gh-worker-campaigns-3e9aa4

Copy link
Copy Markdown

Summary: Security update — 1 package upgraded (MINOR changes included)

Manifests changed:

  • . (maven)

✅ Action Required: Please review the changes below. If they look good, approve and merge this PR.


Updates

Package From To Type Dep Type Vulnerabilities Fixed
com.fasterxml.jackson.core:jackson-core 2.20.1 2.22.0 minor Direct 1 MEDIUM

Security Details

ℹ️ Other Vulnerabilities (1)
Package CVE Severity Summary Unsafe Version Fixed In
com.fasterxml.jackson.core:jackson-core GHSA-72hv-8253-57qq MODERATE jackson-core: Number Length Constraint Bypass in Async Parser Leads to Potential DoS Condition 2.20.1 2.21.1
⚠️ Dependencies that have Reached EOL (1)
Dependency Unsafe Version EOL Date New Version Path
com.fasterxml.jackson.core:jackson-core 2.20.1 - 2.22.0 pom.xml

Review Checklist

Standard review:

  • Review changes for compatibility with your code
  • Check for breaking changes in release notes
  • Run tests locally or wait for CI
  • Approve and merge this PR

Update Mode: all_vulns

🤖 Generated by DataDog Automated Dependency Management System

@dd-prapprover

dd-prapprover Bot commented Jun 16, 2026

Copy link
Copy Markdown

PRApprover will approve and merge this PR, FAQ, #dx-source-code-management

🛠️ PRApproval Status

  • ✅ PR is eligible for auto-approval by rule dependency-management-version-updater - 2026-07-02T20:21:28Z
  • ⬜ CI tests passed
  • ⬜ Approved
  • ⬜ Merge Started
  • ⬜ Merged

➡️ Current phase: CI tests failed. Please fix the failing tests to continue.

@datadog-prod-us1-5

datadog-prod-us1-5 Bot commented Jun 16, 2026

Copy link
Copy Markdown

Tests

🎉 All green!

🧪 All tests passed
❄️ No new flaky tests detected

This comment will be updated automatically if new data arrives.
🔗 Commit SHA: fff7ed2 | Docs | Datadog PR Page | Give us feedback!

@gh-worker-campaigns-3e9aa4

gh-worker-campaigns-3e9aa4 Bot commented Jul 2, 2026

Copy link
Copy Markdown
Author

Auto-rebase complete

Branch is up to date with master — rebased onto dfb5ae0.


Auto-Rebase · Add no-auto-rebase to opt out

@dd-octo-sts-2c363b dd-octo-sts-2c363b Bot force-pushed the engraver-auto-version-upgrade/minorpatch/maven/2-1781556596 branch from 724d902 to d70f0d7 Compare July 2, 2026 19:37
@dd-octo-sts-6cbbf8 dd-octo-sts-6cbbf8 Bot force-pushed the engraver-auto-version-upgrade/minorpatch/maven/2-1781556596 branch 2 times, most recently from f26cd7a to bc97ab7 Compare July 2, 2026 20:20
Co-authored-by: dd-octo-sts-6cbbf8[bot] <256648585+dd-octo-sts-6cbbf8[bot]@users.noreply.github.com>
@dd-octo-sts dd-octo-sts Bot force-pushed the engraver-auto-version-upgrade/minorpatch/maven/2-1781556596 branch from bc97ab7 to fff7ed2 Compare July 6, 2026 07:45
@gh-worker-campaigns-3e9aa4 gh-worker-campaigns-3e9aa4 Bot deleted the engraver-auto-version-upgrade/minorpatch/maven/2-1781556596 branch July 6, 2026 23:46
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants