Di Shang created KAFKA-8308: ------------------------------- Summary: Update jetty for security vulnerability CVE-2019-10241 Key: KAFKA-8308 URL: https://issues.apache.org/jira/browse/KAFKA-8308 Project: Kafka Issue Type: Task Components: core Affects Versions: 2.2.0 Reporter: Di Shang
Kafka 2.2 uses jetty-*-9.4.14.v20181114 which is marked vulnerable [https://github.com/apache/kafka/blob/2.2/gradle/dependencies.gradle#L58] [https://nvd.nist.gov/vuln/detail/CVE-2019-10241] -- This message was sent by Atlassian JIRA (v7.6.3#76005)