[
https://issues.apache.org/jira/browse/KYLIN-5790?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17835452#comment-17835452
]
ASF subversion and git services commented on KYLIN-5790:
Commit 2695c5da83d9ccfb2a3177b9947e6eda4e6c1715 in kylin's branch
refs/heads/kylin5 from sibingzhang
[ https://gitbox.apache.org/repos/asf?p=kylin.git;h=2695c5da83 ]
KYLIN-5790 Security of kafka-clients
Co-authored-by: sibing.zhang
> Security of kafka-clients
> -
>
> Key: KYLIN-5790
> URL: https://issues.apache.org/jira/browse/KYLIN-5790
> Project: Kylin
> Issue Type: Bug
> Components: Query Engine
>Affects Versions: 5.0-beta
>Reporter: pengfei.zhan
>Assignee: pengfei.zhan
>Priority: Major
> Fix For: 5.0-beta
>
>
> |high
> (8.8)|[CVE-2023-25194|https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-25194]
> *(new)*|Deserialization of Untrusted
> Data|maven:org.apache.kafka:kafka-clients@2.8.2|2023-02-07|2023-02-09|[!https://snyk.io/favicon.ico!Deserialization
> of Untrusted Data in org.apache.kafka:kafka-clients \| CVE-2023-25194 \|
> Snyk|https://snyk.io/vuln/SNYK-JAVA-ORGAPACHEKAFKA-3317161]|
> Note: The vulnerability had only a snyk rating: medium - snyk (5.6), now the
> NVD rating is high (8.8).
--
This message was sent by Atlassian Jira
(v8.20.10#820010)