Namrata Kokate created KAFKA-8952:
-------------------------------------
Summary: Vulnerabilities found for jackson-databind-2.9.9.jar and
guava-20.0.jar in latest Apache-kafka latest version 2.3.0
Key: KAFKA-8952
URL: https://issues.apache.org/jira/browse/KAFKA-8952
Project: Kafka
Issue Type: New Feature
Affects Versions: 2.3.0
Reporter: Namrata Kokate
I am currently using apache kafka latest version-2.3.0, however When I deployed
the binary on the containers, I can see the vulnerability reported for the two
jars - jackson-databind-2.9.9.jar and guava-20.0.jar
I can see these vulnerabilities have been removed in the
jackson-databind-2.9.10.jar and guava-24.1.1-jre.jar jars but the apache-kafka
version 2.3.0 does not include these new jars.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
