You are viewing a plain text version of this content. The canonical link for it is here.
Posted to jira@kafka.apache.org by "José Armando García Sancio (Jira)" <ji...@apache.org> on 2022/11/15 17:45:00 UTC
[jira] [Updated] (KAFKA-14320) Upgrade Jackson for CVE fix
[ https://issues.apache.org/jira/browse/KAFKA-14320?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
José Armando García Sancio updated KAFKA-14320:
-----------------------------------------------
Fix Version/s: 3.4.0
3.3.2
(was: 3.3.0)
> Upgrade Jackson for CVE fix
> ---------------------------
>
> Key: KAFKA-14320
> URL: https://issues.apache.org/jira/browse/KAFKA-14320
> Project: Kafka
> Issue Type: Bug
> Components: core
> Affects Versions: 3.2.0
> Reporter: Javier Li Sam
> Assignee: Thomas Cooper
> Priority: Minor
> Labels: security
> Fix For: 3.4.0, 3.3.2
>
>
> There is a CVE for Jackson:
> Jackson: [CVE-2020-36518|https://nvd.nist.gov/vuln/detail/CVE-2020-36518] - Fixed by upgrading to 2.14.0+
--
This message was sent by Atlassian Jira
(v8.20.10#820010)