You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@kafka.apache.org by "Vikash Mishra (Jira)" <ji...@apache.org> on 2023/04/20 07:20:00 UTC
[jira] [Created] (KAFKA-14923) Upgrade io.netty_netty-codec for CVE-2022-41881
Vikash Mishra created KAFKA-14923:
-------------------------------------
Summary: Upgrade io.netty_netty-codec for CVE-2022-41881
Key: KAFKA-14923
URL: https://issues.apache.org/jira/browse/KAFKA-14923
Project: Kafka
Issue Type: Task
Affects Versions: 3.3.2, 3.4.0
Reporter: Vikash Mishra
Currently used io.netty_netty-codec version 4.1.78 has high severity CVE: [NVD - CVE-2022-41881 (nist.gov)|https://nvd.nist.gov/vuln/detail/CVE-2022-41881]
Fix was patched in version 4.1.86.Final. As we have higher stable version 4.1.91.Final available we should upgrade to same to fix mentioned CVE.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)