[KAFKA-8952] Vulnerabilities found for jackson-databind-2.9.9 - ASF JIRA

XML

Word

Printable

JSON

Details

Type: New Feature
Status: Resolved
Priority: Blocker
Resolution: Fixed
Affects Version/s: 2.3.0
Fix Version/s: 2.2.2, 2.4.0, 2.3.1
Component/s: None
Labels:
None

Flags:

Patch, Important

Description

I am currently using apache kafka latest version-2.3.0, however When I deployed the binary on the containers, I can see the vulnerability reported for the two jars - jackson-databind-2.9.9.jar and guava-20.0.jar (filed ~~KAFKA-8959~~ for the Guava part).

Attachments

Issue Links

links to

GitHub Pull Request #7411

Activity

People

Assignee:: Ismael Juma

Reporter:: Namrata Kokate

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 27/Sep/19 06:52

Updated:: 29/Sep/19 17:28

Resolved:: 29/Sep/19 17:28