Assess CVE-2023-43642 on snappy-java- through search-guard-suite-plugin-7.17.14-53.7.0


search-guard-suite-plugin-7.17.14-53.7.0 leverages snappy-java- which is affected by NVD - CVE-2023-43642

Could you provide an official stance regarding this vulnerability?

Thank you.

Snappy is only used by the experimental and undocumented Kafka client used by audit logging. If you do not use the Kafka client for audit logging, the code won’t be in use.

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.