Namrata Kokate created KAFKA-8952: ------------------------------------- Summary: Vulnerabilities found for jackson-databind-2.9.9.jar and guava-20.0.jar in latest Apache-kafka latest version 2.3.0 Key: KAFKA-8952 URL: https://issues.apache.org/jira/browse/KAFKA-8952 Project: Kafka Issue Type: New Feature Affects Versions: 2.3.0 Reporter: Namrata Kokate
I am currently using apache kafka latest version-2.3.0, however When I deployed the binary on the containers, I can see the vulnerability reported for the two jars - jackson-databind-2.9.9.jar and guava-20.0.jar I can see these vulnerabilities have been removed in the jackson-databind-2.9.10.jar and guava-24.1.1-jre.jar jars but the apache-kafka version 2.3.0 does not include these new jars. -- This message was sent by Atlassian Jira (v8.3.4#803005)