[jira] [Created] (KAFKA-14044) Upgrade Netty and Jackson for CVE fixes

Thomas Cooper (Jira) Mon, 04 Jul 2022 09:27:07 -0700

Thomas Cooper created KAFKA-14044:
-------------------------------------

             Summary: Upgrade Netty and Jackson for CVE fixes
                 Key: KAFKA-14044
                 URL: https://issues.apache.org/jira/browse/KAFKA-14044
             Project: Kafka
          Issue Type: Bug
            Reporter: Thomas Cooper
            Assignee: Thomas Cooper



There are a couple of CVEs for netty and Jackson:

Netty: [CVE-2022-24823|https://www.cve.org/CVERecord?id=CVE-2022-24823] - Fixed 
by upgrading to 4.1.77+

Jackson: [CVE-2020-36518|https://www.cve.org/CVERecord?id=CVE-2020-36518] - 
Fixed by upgrading to 2.13.0+



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (KAFKA-14044) Upgrade Netty and Jackson for CVE fixes

Reply via email to