Hello,
search-guard-suite-plugin-7.17.14-53.7.0 leverages snappy-java-1.1.7.3.jar which is affected by NVD - CVE-2023-43642
Could you provide an official stance regarding this vulnerability?
Thank you.
Snappy is only used by the experimental and undocumented Kafka client used by audit logging. If you do not use the Kafka client for audit logging, the code won’t be in use.
This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.