Hello, Need to report a vulnerability<https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36518> that exists inside any jackson-databind version prior to version 2.13.2.1, as per my review, the latest kafka version is using jackson databind 2.12.6 , a micro-patch is released<https://github.com/FasterXML/jackson/wiki/Jackson-Release-2.13#micro-patches> for jackson 2.13. Thanks, Islam
- kafka | jackson-databind | CVE-2020-36518 Islam Farag
- Re: kafka | jackson-databind | CVE-2020-36518 Bruno Cadonna
