[ https://issues.apache.org/jira/browse/KAFKA-14100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Shivakumar updated KAFKA-14100: ------------------------------- Description: ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| |CVE-2022-2048 |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, 10.0.9, 9.4.47| Our security scan detected the above vulnerabilities upgrade to correct versions for fixing vulnerabilities was: |Packages|Package Version|CVSS|Fix Status| |com.fasterxml.jackson.core_jackson-databind| 2.10.5.1| 7.5| fixed in 2.14, 2.13.1, 2.12.6| | | | | | Our security scan detected the above vulnerabilities upgrade to correct versions for fixing vulnerabilities > Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022 > -------------------------------------------------------------- > > Key: KAFKA-14100 > URL: https://issues.apache.org/jira/browse/KAFKA-14100 > Project: Kafka > Issue Type: Bug > Affects Versions: 2.8.1 > Reporter: Shivakumar > Priority: Major > Labels: secutiry > Fix For: 3.0.1, 3.2.0, 3.1.1 > > > ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| > |CVE-2022-2048 > |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, > 10.0.9, 9.4.47| > Our security scan detected the above vulnerabilities > upgrade to correct versions for fixing vulnerabilities -- This message was sent by Atlassian Jira (v8.20.10#820010)