When Jackson 2.15 is released in mid-April, we should update our own Jackson dependency to eliminate the snakeyaml vulnerability bought in and relating to: https://jira.camunda.com/browse/SEC-270. 

ATs:

• We no longer depend on Snakeyaml versions lower than 2.0
• This is backported to the 3.10, 3.9. 3.8, 3.7 maintenance branches