Skip to content

Commit

Permalink
Fix vulnerabilities (#81)
Browse files Browse the repository at this point in the history 
Co-authored-by: mihir gore <mihir@mihirs-MacBook-Pro.local>
  • Loading branch information
@mihirgt
mihirgt and mihir gore authored Oct 3, 2023
1 parent 1f827b7 commit 4d3f717
Showing 1 changed file with 5 additions and 2 deletions.
7 changes: 5 additions & 2 deletions kafka-bom/build.gradle.kts
View file
Original file line number Diff line number Diff line change
Expand Up @@ -11,7 +11,7 @@ var protobufVersion = "3.21.7"
dependencies {
constraints {
api("com.fasterxml.jackson.core:jackson-databind:2.15.2")
api("org.xerial.snappy:snappy-java:1.1.10.4") {
api("org.xerial.snappy:snappy-java:1.1.10.5") {
because("[https://nvd.nist.gov/vuln/detail/CVE-2023-34455] in 'org.apache.kafka:kafka-clients:*'")
because("[https://nvd.nist.gov/vuln/detail/CVE-2023-43642]")
}
Expand All @@ -21,6 +21,9 @@ dependencies {
api("com.squareup.okio:okio:3.4.0") {
because("https://nvd.nist.gov/vuln/detail/CVE-2023-3635 in io.confluent:kafka-protobuf-serializer:7.4.0")
}
api("org.apache.commons:commons-compress:1.24.0") {
because("https://nvd.nist.gov/vuln/detail/CVE-2023-42503")
}

api("io.confluent:kafka-streams-avro-serde:$kafkaVersion")
api("io.confluent:kafka-protobuf-serializer:$kafkaVersion")
Expand All @@ -29,6 +32,6 @@ dependencies {
api("org.apache.kafka:kafka-clients:$kafkaCcsVersion")
api("org.apache.kafka:kafka-streams:$kafkaCcsVersion")
api("org.apache.kafka:kafka-streams-test-utils:$kafkaCcsVersion")
api("org.apache.avro:avro:1.11.1")
api("org.apache.avro:avro:1.11.3")
}
}

0 comments on commit 4d3f717

Please sign in to comment.