Skip to content

0.17.1 / 2022-09-10

Compare
Choose a tag to compare
@fstab fstab released this 10 Sep 21:05

Minor release updating the snakeyaml dependency from 1.30 to 1.31, because version 1.30 is vulnerable to CVE-2022-25857.

Note that jmx_exporter uses snakeyaml only to parse its config file. That means unless you have untrusted 3rd parties write your jmx_exporter config the CVE does not apply. However, if you have automated security scanners complaining about the vulnerable snakeyaml version this update will help.

As always, the jmx_exporter binaries are available on Maven central: