Skip to content

fix: bump jackson to address CVE-2026-54513 fixes #2544#2574

Merged
phipag merged 2 commits into
aws-powertools:mainfrom
pascalknupper:main
Jul 15, 2026
Merged

fix: bump jackson to address CVE-2026-54513 fixes #2544#2574
phipag merged 2 commits into
aws-powertools:mainfrom
pascalknupper:main

Conversation

@pascalknupper

@pascalknupper pascalknupper commented Jul 13, 2026

Copy link
Copy Markdown
Contributor

Summary

Changes

Bump Jackson to 2.22.1 to address CVE-2026-54513 closes #2544

Issue number: #2544


By submitting this pull request, I confirm that you can use, modify, copy, and redistribute this contribution, under the terms of your choice.

Disclaimer: We value your time and bandwidth. As such, any pull requests created on non-triaged issues might not be successful.

@pascalknupper pascalknupper changed the title fix: bump jackson to address CVE-2026-54513 fix: bump jackson to address CVE-2026-54513 fixes #2544 Jul 13, 2026
@phipag

phipag commented Jul 14, 2026

Copy link
Copy Markdown
Contributor

Hey @pascalknupper , thanks for sending this. Can you resolve the merge conflict and the related issue check workflow?

@sonarqubecloud

Copy link
Copy Markdown

@phipag phipag left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM. Thanks for your proactive contribution @pascalknupper and for raising the security bar! 🥳

@phipag
phipag merged commit 5a5487b into aws-powertools:main Jul 15, 2026
15 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

Projects

None yet

Development

Successfully merging this pull request may close these issues.

Maintenance: Using vulnerable jackson-databind version

2 participants