[ https://issues.apache.org/jira/browse/KAFKA-15000?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17798605#comment-17798605 ]
Mickael Maison commented on KAFKA-15000: ---------------------------------------- We bumped Jackson to 2.16 in https://issues.apache.org/jira/browse/KAFKA-15208, so marking this as resolved > High vulnerability PRISMA-2023-0067 reported in jackson-core > ------------------------------------------------------------ > > Key: KAFKA-15000 > URL: https://issues.apache.org/jira/browse/KAFKA-15000 > Project: Kafka > Issue Type: Bug > Affects Versions: 3.4.0, 3.3.2, 3.5.1 > Reporter: Arushi Rai > Assignee: Said BOUDJELDA > Priority: Critical > Fix For: 3.7.0 > > > Kafka is using jackson-core version 2.13.4 which has high vulnerability > reported [PRISMA-2023-0067. > |https://github.com/FasterXML/jackson-core/pull/827] > This vulnerability is fix in Jackson-core 2.15.0 and Kafka should upgrade to > the same. -- This message was sent by Atlassian Jira (v8.20.10#820010)