[ https://issues.apache.org/jira/browse/KAFKA-8308?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Ismael Juma resolved KAFKA-8308. -------------------------------- Resolution: Fixed Assignee: Ismael Juma (was: Lee Dongjin) Fix Version/s: 2.3.0 This was fixed by https://github.com/apache/kafka/pull/6665 which was merged today (coincidentally). > Update jetty for security vulnerability CVE-2019-10241 > ------------------------------------------------------ > > Key: KAFKA-8308 > URL: https://issues.apache.org/jira/browse/KAFKA-8308 > Project: Kafka > Issue Type: Task > Components: core > Affects Versions: 2.2.0 > Reporter: Di Shang > Assignee: Ismael Juma > Priority: Major > Labels: security > Fix For: 2.3.0 > > > Kafka 2.2 uses jetty-*-9.4.14.v20181114 which is marked vulnerable > [https://github.com/apache/kafka/blob/2.2/gradle/dependencies.gradle#L58] > > [https://nvd.nist.gov/vuln/detail/CVE-2019-10241] -- This message was sent by Atlassian JIRA (v7.6.3#76005)