Enables developers to use AWS Identity and Access Management (IAM) to connect to their Amazon Managed Streaming for Apache Kafka (Amazon MSK) clusters.
Apache License 2.0
142
stars
65
forks
source link
Snyk Scan Results in CVE: 2022-24823, 2023-34462, 2021-43797 #131
I added the latest version of aws-msk-iam-auth to a bunch of my java services and Snyk reported multiple medium CVE(s) that are tied to the version of the AWS SDK the library is using:
I added the latest version of
aws-msk-iam-auth
to a bunch of my java services and Snyk reported multiple medium CVE(s) that are tied to the version of the AWS SDK the library is using:software.amazon.msk:aws-msk-iam-auth@1.1.7 › software.amazon.awssdk:sso@2.19.26 › software.amazon.awssdk:netty-nio-client@2.19.26 › io.netty:netty-buffer@4.1.68.Final › io.netty:netty-common@4.1.68.Final
The following CVE(s) were reported:
io.netty:netty-common@4.1.77.Final
io.netty:netty-handler@4.1.94.Final
io.netty:netty-codec-http@4.1.71.Final