Uploaded image for project: 'Kafka'
  1. Kafka
  2. KAFKA-14320

Upgrade Jackson for CVE fix

Attach filesAttach ScreenshotVotersWatch issueWatchersCreate sub-taskLinkCloneUpdate Comment AuthorReplace String in CommentUpdate Comment VisibilityDelete Comments
    XMLWordPrintableJSON

Details

    • Bug
    • Status: Resolved
    • Minor
    • Resolution: Fixed
    • 3.2.0
    • 3.4.0, 3.3.2
    • core

    Description

      There is a CVE for Jackson:

      Jackson: CVE-2020-36518 - Fixed by upgrading to 2.14.0+

      Attachments

        Issue Links

        is a clone of

        Bug - A problem which impairs or prevents the functions of the product. KAFKA-14044 Upgrade Netty and Jackson for CVE fixes

        • Minor - Minor loss of function, or other problem where easy workaround is present.
        • Resolved
        links to

        Web Link GitHub Pull Request #12766

        Web Link GitHub Pull Request #12840

        Activity
          This comment will be Viewable by All Users Viewable by All Users
          Cancel

          People

            tomncooper Thomas Cooper
            jlisam Javier Li Sam
            Votes:
            0 Vote for this issue
            Watchers:
            1 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved:

              Slack

                Issue deployment