[ https://issues.apache.org/jira/browse/KAFKA-13726?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17554353#comment-17554353 ]
Shivakumar commented on KAFKA-13726: ------------------------------------ getting this vulnerability in *3.1.1 Kafka* version as well. > Fix Vulnerability CVE-2022-23181 -Upgrade > org.apache.tomcat.embed_tomcat-embed-core > ----------------------------------------------------------------------------------- > > Key: KAFKA-13726 > URL: https://issues.apache.org/jira/browse/KAFKA-13726 > Project: Kafka > Issue Type: Bug > Affects Versions: 2.8.1 > Reporter: Chris Sabelstrom > Priority: Major > > Our security scanner detected the following vulnerablity. Please upgrade to > version noted in Fix Status column. > |CVE ID|Severity|Packages|Package Version|CVSS|Fix Status| > |CVE-2022-23181|high|org.apache.tomcat.embed_tomcat-embed-core|9.0.54|7|fixed > in 10.0.0, 9.0.1| -- This message was sent by Atlassian Jira (v8.20.7#820007)