You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@atlas.apache.org by "Pavel (Jira)" <ji...@apache.org> on 2022/07/13 05:51:00 UTC

[jira] [Updated] (ATLAS-4632) Upgrade kafka-clients dependency

     [ https://issues.apache.org/jira/browse/ATLAS-4632?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Pavel updated ATLAS-4632:
-------------------------
    Description: 
The org.apache.kafka.kafka-clients dependency used in the Atlas project contains vulnerabilities:
[http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17196]
[http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12399]
[http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38153]

The vulnerability description recommends upgrading this dependency to version 2.8.1 or higher

  was:
The org.apache.kafka.kafka-clients dependency used in the Atlas project contains vulnerabilities:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17196
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12399
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38153

The vulnerability description recommends upgrading this dependency to version 2.8.1 or hig


> Upgrade kafka-clients dependency
> --------------------------------
>
>                 Key: ATLAS-4632
>                 URL: https://issues.apache.org/jira/browse/ATLAS-4632
>             Project: Atlas
>          Issue Type: Improvement
>    Affects Versions: 2.1.0, 3.0.0, 2.2.0
>            Reporter: Pavel
>            Priority: Major
>
> The org.apache.kafka.kafka-clients dependency used in the Atlas project contains vulnerabilities:
> [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-17196]
> [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-12399]
> [http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2021-38153]
> The vulnerability description recommends upgrading this dependency to version 2.8.1 or higher



--
This message was sent by Atlassian Jira
(v8.20.10#820010)