[jira] [Created] (KAFKA-13775) CVE-2020-36518 - Upgrade jackson-databind to 2.12.6.1

[Edwin Hobor (Jira)]

Edwin Hobor created KAFKA-13775:
-----------------------------------

             Summary: CVE-2020-36518 - Upgrade jackson-databind to 2.12.6.1
                 Key: KAFKA-13775
                 URL: https://issues.apache.org/jira/browse/KAFKA-13775
             Project: Kafka
          Issue Type: Bug
    Affects Versions: 3.0.1, 3.0.0, 3.1.0
            Reporter: Edwin Hobor


*CVE-2020-36518* vulnerability affects Jackson-Databind in Kafka (see 
[https://github.com/advisories/GHSA-57j2-w4cx-62h2]).

Upgrading to jackson-databind version *2.12.6.1* should address this issue.



--
This message was sent by Atlassian Jira
(v8.20.1#820001)