[
https://issues.apache.org/jira/browse/KAFKA-8952?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Ismael Juma reassigned KAFKA-8952:
----------------------------------
Assignee: Ismael Juma
> Vulnerabilities found for jackson-databind-2.9.9.jar and guava-20.0.jar in
> latest Apache-kafka latest version 2.3.0
> -------------------------------------------------------------------------------------------------------------------
>
> Key: KAFKA-8952
> URL: https://issues.apache.org/jira/browse/KAFKA-8952
> Project: Kafka
> Issue Type: New Feature
> Affects Versions: 2.3.0
> Reporter: Namrata Kokate
> Assignee: Ismael Juma
> Priority: Blocker
> Fix For: 2.3.1
>
>
> I am currently using apache kafka latest version-2.3.0, however When I
> deployed the binary on the containers, I can see the vulnerability reported
> for the two jars - jackson-databind-2.9.9.jar and guava-20.0.jar
>
> I can see these vulnerabilities have been removed in the
> jackson-databind-2.9.10.jar and guava-24.1.1-jre.jar jars but the
> apache-kafka version 2.3.0 does not include these new jars.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
