[jira] [Commented] (KAFKA-13726) Fix Vulnerability CVE-2022-23181 -Upgrade org.apache.tomcat.embed_tomcat-embed-core

Shivakumar (Jira) Tue, 14 Jun 2022 20:51:07 -0700


    [ 
https://issues.apache.org/jira/browse/KAFKA-13726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554353#comment-17554353
 ]


Shivakumar commented on KAFKA-13726:
------------------------------------

getting this vulnerability in *3.1.1 Kafka* version as well.

> Fix Vulnerability CVE-2022-23181 -Upgrade 
> org.apache.tomcat.embed_tomcat-embed-core
> -----------------------------------------------------------------------------------
>
>                 Key: KAFKA-13726
>                 URL: https://issues.apache.org/jira/browse/KAFKA-13726
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 2.8.1
>            Reporter: Chris Sabelstrom
>            Priority: Major
>
> Our security scanner detected the following vulnerablity. Please upgrade to 
> version noted in Fix Status column.
> |CVE ID|Severity|Packages|Package Version|CVSS|Fix Status|
> |CVE-2022-23181|high|org.apache.tomcat.embed_tomcat-embed-core|9.0.54|7|fixed 
> in 10.0.0, 9.0.1|



--
This message was sent by Atlassian Jira
(v8.20.7#820007)

[jira] [Commented] (KAFKA-13726) Fix Vulnerability CVE-2022-23181 -Upgrade org.apache.tomcat.embed_tomcat-embed-core

Reply via email to