Edwin Hobor created KAFKA-12655: ----------------------------------- Summary: CVE-2021-28165 - Upgrade jetty to 9.4.39 Key: KAFKA-12655 URL: https://issues.apache.org/jira/browse/KAFKA-12655 Project: Kafka Issue Type: Bug Affects Versions: 2.6.1, 2.7.0 Reporter: Edwin Hobor
*CVE-2021-28165* vulnerability affects Jetty versions up to +*[9.4.38|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165] [|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165].*+ For more information see [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28165] Upgrading to Jetty version *9.4.39* should address this issue ([https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.39.v20210325)|https://github.com/eclipse/jetty.project/releases/tag/jetty-9.4.39.v20210325]. -- This message was sent by Atlassian Jira (v8.3.4#803005)