fix azure jackson-databind vulnerability
Change details
- upgrade
jackson-databind
to2.15.2
Changes in:
-
GCP -
Azure -
AWS -
IBM
Edited by VidyaDharani Lokam
Merge request reports
Activity
changed milestone to %M21 - Release 0.24
added Azure Vulnerability Management labels
assigned to @vidya
Hello @Srinivasan_Narayanan - Kindly review and approve the vulnerability remediation MR (Azure only changes).
- Pipeline all azure related jobs are passed, other failed jobs are unrelated to MR (since the changes are only in Azure).
- Verified the remediation by
mvn dependency:tree
- Trivy container_scanning job -
jackson-databind
dependency is not listed in the vulnerability list
cc: @chad @nursheikh @lucynliu @thulasi_dass
Thanks!
mentioned in commit 7a87a07f
Please register or sign in to reply