I am using “spring-boot-starter-camunda:8.2.0” and can be seen there is some vulnerability which got caught during security scan.So, how can be override the dependency version as I am unable to do using <artifactId.version></artifactId.version>.
I can see it exist in depedency hierarchy.
If you are using maven then you can just list the version you want as dependency in your pom because this version takes precedence over the versions imported by dependencies. And you can also exclude packages from dependencies.
Hi @yadav1990 - you can also open an issue on the repo for that package. You are running 8.2.0 and there is a newer version available (8.2.2) - are you able to update to 8.2.2, and is there still an issue with that version?