Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-13805

Upgrade vulnerable dependencies march 2022

    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Blocker
    • Resolution: Fixed
    • 2.8.1, 3.0.1
    • None
    • None

    Description

      https://nvd.nist.gov/vuln/detail/CVE-2020-36518

      Packages Package Version CVSS Fix Status
      com.fasterxml.jackson.core_jackson-databind  2.10.5.1  7.5 fixed in 2.13.2.1
      com.fasterxml.jackson.core_jackson-databind 2.13.1 7.5 fixed in 2.13.2.1

      Our security scan detected the above vulnerabilities

      upgrade to correct versions for fixing vulnerabilities

      Attachments

        Issue Links

          is a clone of

          Bug - A problem which impairs or prevents the functions of the product. KAFKA-13658 Upgrade vulnerable dependencies jan 2022

          • Major - Major loss of function.
          • Resolved

          Activity

            People

              Unassigned Unassigned
              shivakumar Shivakumar
              Abhishek Nayyar Abhishek Nayyar
              Votes:
              0 Vote for this issue
              Watchers:
              6 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: