You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Librdkafka uses libcurl 8.8.0 , but this version is impacted by the CVE-2024-7264 vulnerability, therefore should be upgraded to version 8.9.1 or higher.
Description
LibCurl
CVE-2024-7264
Librdkafka uses libcurl 8.8.0 , but this version is impacted by the CVE-2024-7264 vulnerability, therefore should be upgraded to version 8.9.1 or higher.
OpenSSL
CVE-2024-6119
CVE-2024-5535
CVE-2024-4741
CVE-2024-4603
CVE-2024-2511
Librdkafka uses OpenSSL 3.0.13 , but this version is impacted by a few vulnerabilities indicated above, so they should upgrade to 3.0.15: Release note
How to reproduce
No need, it is part of the librdkakfka code :
code link for libcurl
code link for openssl
Checklist
IMPORTANT: We will close issues where the checklist has not been completed.
Please provide the following information:
v2.5.0
The text was updated successfully, but these errors were encountered: