You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we are using Mendt as SCT and SAST scanning software. They identified a vulnerability in NewtonSoft Json last year, which was fixed in Version 13 and up:
A few days ago Confluent finally bumped their Kafka client version to 2.0.2 using NewtonSoft Json > 13. It would be great if you could bump the kafka client version within Kafka Flow to mitigate this issue.
This bump would also fix: as this is also due to usage of a NewtonSoft Json version <13.
Describe the solution you'd like
Bump to 2.0.2
Bump to 2.0.2
Are you able to help bring it to life and contribute with a Pull Request?
Yes
Additional context
No response
The text was updated successfully, but these errors were encountered:
guidowalter
changed the title
[Feature Request]: Upgrade confluent-kafka-dotnet to 2.0.2 due to security vulnerability in Newtonsoft Jsin < 13
[Feature Request]: Upgrade confluent-kafka-dotnet to 2.0.2 due to security vulnerability in Newtonsoft Json < 13
Jan 30, 2023
Is your request related to a problem you have?
Hi,
we are using Mendt as SCT and SAST scanning software. They identified a vulnerability in NewtonSoft Json last year, which was fixed in Version 13 and up:
JamesNK/Newtonsoft.Json@7e77bbe
A few days ago Confluent finally bumped their Kafka client version to 2.0.2 using NewtonSoft Json > 13. It would be great if you could bump the kafka client version within Kafka Flow to mitigate this issue.
This bump would also fix:
as this is also due to usage of a NewtonSoft Json version <13.
Describe the solution you'd like
Bump to 2.0.2
Bump to 2.0.2
Are you able to help bring it to life and contribute with a Pull Request?
Yes
Additional context
No response
The text was updated successfully, but these errors were encountered: