[jira] [Created] (KAFKA-15002) Moderate vulnerability in org.bitbucket.b_c_jose4j

Arushi Rai (Jira) Wed, 17 May 2023 08:19:04 -0700

Arushi Rai created KAFKA-15002:
----------------------------------

             Summary: Moderate vulnerability in org.bitbucket.b_c_jose4j 
                 Key: KAFKA-15002
                 URL: https://issues.apache.org/jira/browse/KAFKA-15002
             Project: Kafka
          Issue Type: Task
    Affects Versions: 3.3.2, 3.4.0
            Reporter: Arushi Rai



Kafka is using package org.bitbucket.b_c_jose4j on version  0.7.9 where medium 
vulnerability is reported 
[GHSA-jgvc-jfgh-rjvv|https://github.com/advisories/GHSA-jgvc-jfgh-rjvv].

Fix is available in version 0.9.3 and Kafka should look to update to the fix 
version.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Created] (KAFKA-15002) Moderate vulnerability in org.bitbucket.b_c_jose4j

Reply via email to