[
https://issues.apache.org/jira/browse/CAMEL-18621?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17625279#comment-17625279
]
Andrea Cosentino commented on CAMEL-18621:
------------------------------------------
I don't think is a good idea to follow the micro release. It's hard to align in
all the runtime. We will update to 2.14 on 3.18 too
> Vulnerabilities identified with jackson-databind dependency
> -----------------------------------------------------------
>
> Key: CAMEL-18621
> URL: https://issues.apache.org/jira/browse/CAMEL-18621
> Project: Camel
> Issue Type: Dependency upgrade
> Components: camel-jackson
> Affects Versions: 3.18.2, 3.19.0
> Reporter: Sasikumar Muthukrishnan Sampath
> Priority: Minor
> Fix For: 3.20.0
>
>
> There are two new vulnerabilities identified with jackson-databind
> dependency. Please upgrade the jackson dependency version to 2.14.x
> [CVE-2022-42003|https://github.com/advisories/GHSA-rgv9-q543-rqg4]
> [CVE-2022-42004|https://github.com/advisories/GHSA-rgv9-q543-rqg4].
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
