Arushi Rai created KAFKA-15002:
----------------------------------
Summary: Moderate vulnerability in org.bitbucket.b_c_jose4j
Key: KAFKA-15002
URL: https://issues.apache.org/jira/browse/KAFKA-15002
Project: Kafka
Issue Type: Task
Affects Versions: 3.3.2, 3.4.0
Reporter: Arushi Rai
Kafka is using package org.bitbucket.b_c_jose4j on versionĀ 0.7.9 where medium
vulnerability is reported
[GHSA-jgvc-jfgh-rjvv|https://github.com/advisories/GHSA-jgvc-jfgh-rjvv].
Fix is available in version 0.9.3 and Kafka should look to update to the fix
version.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)