[jira] [Commented] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02

Dongjin Lee (Jira) Thu, 06 May 2021 07:07:06 -0700


    [ 
https://issues.apache.org/jira/browse/KAFKA-12752?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17340231#comment-17340231
 ]


Dongjin Lee commented on KAFKA-12752:
-------------------------------------

https://github.com/apache/kafka/pull/10641

> CVE-2021-28168 upgrade jersey to 2.34 or 3.02
> ---------------------------------------------
>
>                 Key: KAFKA-12752
>                 URL: https://issues.apache.org/jira/browse/KAFKA-12752
>             Project: Kafka
>          Issue Type: Bug
>    Affects Versions: 2.8.0
>            Reporter: John Stacy
>            Assignee: Dongjin Lee
>            Priority: Major
>              Labels: CVE, security
>
> [https://nvd.nist.gov/vuln/detail/CVE-2021-28168]
> CVE-2021-28168 affects jersey versions <=2.33, <=3.0.1. Upgrading to 2.34 or 
> 3.02 should resolve the issue.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

[jira] [Commented] (KAFKA-12752) CVE-2021-28168 upgrade jersey to 2.34 or 3.02

Reply via email to