RE: CVEs related to Kafka

2023-06-14 Thread Sahil Sharma D
it is not mentioned ion Release Note of v3.4.0 ] Regards. Sahil -Original Message- From: Luke Chen Sent: 10 May 2023 10:50 AM To: users@kafka.apache.org Cc: Tauzell, Dave Subject: Re: CVEs related to Kafka Hi Sahil, > in which version of Kafka these will be fixed https://issues.ap

RE: CVEs related to Kafka

2023-05-11 Thread Sahil Sharma D
ed due to these vulnerabilities. Regards Sahil -Original Message- From: Luke Chen Sent: 10 May 2023 10:50 AM To: users@kafka.apache.org Cc: Tauzell, Dave Subject: Re: CVEs related to Kafka Hi Sahil, > in which version of Kafka these will be fixed https://issues.apache.org/jira/browse

Re: CVEs related to Kafka

2023-05-09 Thread Luke Chen
May 10, 2023 at 12:33 PM Sahil Sharma D wrote: > Hi team, > > By when we can expect reply reg this, any idea? > > Regards, > Sahil > > -Original Message- > From: Tauzell, Dave > Sent: 09 May 2023 11:29 PM > To: users@kafka.apache.org > Subject:

RE: CVEs related to Kafka

2023-05-09 Thread Sahil Sharma D
Hi team, By when we can expect reply reg this, any idea? Regards, Sahil -Original Message- From: Tauzell, Dave Sent: 09 May 2023 11:29 PM To: users@kafka.apache.org Subject: Re: CVEs related to Kafka Consider purchasing support from Confluent to get this sort of request answered

Re: CVEs related to Kafka

2023-05-09 Thread Tauzell, Dave
Consider purchasing support from Confluent to get this sort of request answered quickly. From: Sahil Sharma D Date: Tuesday, May 9, 2023 at 12:40 PM To: users@kafka.apache.org Subject: [EXTERNAL] RE: CVEs related to Kafka Gentle reminder-2 ! -Original Message- From: Sahil Sharma D

RE: CVEs related to Kafka

2023-05-09 Thread Sahil Sharma D
Gentle reminder-2 ! -Original Message- From: Sahil Sharma D Sent: 03 May 2023 04:34 PM To: users@kafka.apache.org Subject: RE: CVEs related to Kafka Gentle reminder! From: Sahil Sharma D Sent: 03 May 2023 08:57 AM To: 'users@kafka.apache.org' Subject: RE: CVEs relate

RE: CVEs related to Kafka

2023-05-03 Thread Sahil Sharma D
Gentle reminder! From: Sahil Sharma D Sent: 03 May 2023 08:57 AM To: 'users@kafka.apache.org' Subject: RE: CVEs related to Kafka Importance: High Hi Team, We have found few more Vulnerabilities on Kafka, below are the list: CVE-2022-36944<https://nvd.nist.gov/vuln/detail/CVE-2022

RE: CVEs related to Kafka

2023-05-02 Thread Sahil Sharma D
irm about the mitigation plan and impact of these CVEs. Regards, Sahil From: Sahil Sharma D Sent: 02 May 2023 02:16 PM To: users@kafka.apache.org Subject: CVEs related to Kafka Importance: High Hi team, We have got below two vulnerabilities on Kafka 3PP. CVE-2022-42003<https://nvd.nist.gov/vuln

CVEs related to Kafka

2023-05-02 Thread Sahil Sharma D
Hi team, We have got below two vulnerabilities on Kafka 3PP. CVE-2022-42003 In FasterXML jackson-databind before 2.14.0-rc1, resource exhaustion can occur because of a lack of a check in primitive value deserializers to avoid deep wrapper array n