[jira] [Updated] (BEAM-14227) CVE-2022-22965 vulnerability found in java-io-kafka component

bala barath (Jira) Fri, 01 Apr 2022 01:07:05 -0700


     [ 
https://issues.apache.org/jira/browse/BEAM-14227?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
 ]


bala barath updated BEAM-14227:
-------------------------------
    Summary: CVE-2022-22965 vulnerability found in java-io-kafka component  
(was: CVE-2022-22965 vulnerability found)

> CVE-2022-22965 vulnerability found in java-io-kafka component
> -------------------------------------------------------------
>
>                 Key: BEAM-14227
>                 URL: https://issues.apache.org/jira/browse/BEAM-14227
>             Project: Beam
>          Issue Type: Bug
>          Components: io-java-kafka
>    Affects Versions: 2.37.0
>            Reporter: bala barath
>            Priority: P1
>
> The beam sdk java io kafka uses 
>  
> {code:java}
> org.springframework:spring-expression:4.3.18.RELEASE{code}
>  
> which has a transitive dependency of 
>  
> {code:java}
> org.springframework:spring-core:4.3.18.RELEASE{code}
>  
> which is affected by the CVE-2022-22965 vulnerability.
>  
> References
> https://mvnrepository.com/artifact/org.springframework/spring-expression/4.3.18.RELEASE



--
This message was sent by Atlassian Jira
(v8.20.1#820001)

[jira] [Updated] (BEAM-14227) CVE-2022-22965 vulnerability found in java-io-kafka component

Reply via email to