Skip to content

Bump baseline micrometer-core from 1.9.9 (CVE-2026-40984) #2927

Open
Open
Bump baseline micrometer-core from 1.9.9 (CVE-2026-40984)#2927
Labels
enhancementUser experience

Description

@deepika-awasthi
deepika-awasthi
opened on Jun 24, 2026

sdk pins micrometer-core to 1.9.9 via the micrometer BOM ( we pin to the lowest supported version ([1.0.0,)) so we don't force users onto Kotlin 1.6, which micrometer 1.10.x requires) Users can safely override upward in their own builds.

flagged CVE (CVE-2026-40984, DoS)

Request to fix upstream

Metadata

Metadata

Assignees

No one assigned

    Labels

    enhancementUser experience

    Type

    No type

    Fields

    No fields configured for issues without a type.

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions