[jira] [Updated] (KAFKA-14100) Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022
[ https://issues.apache.org/jira/browse/KAFKA-14100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jose Armando Garcia Sancio updated KAFKA-14100: --- Fix Version/s: (was: 3.3.0) > Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022 > -- > > Key: KAFKA-14100 > URL: https://issues.apache.org/jira/browse/KAFKA-14100 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.1 >Reporter: Shivakumar >Priority: Major > Labels: secutiry > Fix For: 3.0.1, 3.2.0, 3.1.1 > > > ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| > |CVE-2022-2048 > |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, > 10.0.9, 9.4.47| > Our security scan detected the above vulnerabilities > upgrade to correct versions for fixing vulnerabilities -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (KAFKA-14100) Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022
[ https://issues.apache.org/jira/browse/KAFKA-14100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Jose Armando Garcia Sancio updated KAFKA-14100: --- Fix Version/s: 3.3.0 > Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022 > -- > > Key: KAFKA-14100 > URL: https://issues.apache.org/jira/browse/KAFKA-14100 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.1 >Reporter: Shivakumar >Priority: Major > Labels: secutiry > Fix For: 3.0.1, 3.2.0, 3.1.1, 3.3.0 > > > ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| > |CVE-2022-2048 > |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, > 10.0.9, 9.4.47| > Our security scan detected the above vulnerabilities > upgrade to correct versions for fixing vulnerabilities -- This message was sent by Atlassian Jira (v8.20.10#820010)
[jira] [Updated] (KAFKA-14100) Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022
[ https://issues.apache.org/jira/browse/KAFKA-14100?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ] Shivakumar updated KAFKA-14100: --- Description: ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| |CVE-2022-2048 |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, 10.0.9, 9.4.47| Our security scan detected the above vulnerabilities upgrade to correct versions for fixing vulnerabilities was: |Packages|Package Version|CVSS|Fix Status| |com.fasterxml.jackson.core_jackson-databind| 2.10.5.1| 7.5| fixed in 2.14, 2.13.1, 2.12.6| | | | | | Our security scan detected the above vulnerabilities upgrade to correct versions for fixing vulnerabilities > Upgrade vulnerable dependencies Kafka version 3.1.1 July 2022 > -- > > Key: KAFKA-14100 > URL: https://issues.apache.org/jira/browse/KAFKA-14100 > Project: Kafka > Issue Type: Bug >Affects Versions: 2.8.1 >Reporter: Shivakumar >Priority: Major > Labels: secutiry > Fix For: 3.0.1, 3.2.0, 3.1.1 > > > ||CVE ID ||Type||Severity||Packages||Package Version||CVSS||Fix Status|| > |CVE-2022-2048 > |java|high|org.eclipse.jetty_jetty-io|9.4.44.v20210927|7.5|fixed in 11.0.9, > 10.0.9, 9.4.47| > Our security scan detected the above vulnerabilities > upgrade to correct versions for fixing vulnerabilities -- This message was sent by Atlassian Jira (v8.20.10#820010)