Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-14100

Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Major
    • Resolution: Duplicate
    • 2.8.1
    • 3.0.1, 3.2.0, 3.1.1
    • None

    Description

      CVE ID  Type Severity Packages Package Version CVSS Fix Status
      CVE-2022-2048  java high org.eclipse.jetty_jetty-io 9.4.44.v20210927 7.5 fixed in 11.0.9, 10.0.9, 9.4.47

      Our security scan detected the above vulnerabilities

      upgrade to correct versions for fixing vulnerabilities

      Attachments

        Issue Links

        duplicates

        Bug - A problem which impairs or prevents the functions of the product. KAFKA-14107 Upgrade Jetty for CVE fixes

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Resolved
        is a clone of

        Bug - A problem which impairs or prevents the functions of the product. KAFKA-13658 Upgrade vulnerable dependencies jan 2022

        • Major - Major loss of function.
        • Resolved
        relates to

        Bug - A problem which impairs or prevents the functions of the product. KAFKA-14107 Upgrade Jetty for CVE fixes

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Resolved

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            Unassigned Unassigned
            shivakumar Shivakumar
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment