[jira] [Commented] (KAFKA-15658) Zookeeper.jar | CVE-2023-44981

Divij Vaidya (Jira) Fri, 20 Oct 2023 06:01:09 -0700


    [ 
https://issues.apache.org/jira/browse/KAFKA-15658?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17777749#comment-17777749
 ]


Divij Vaidya commented on KAFKA-15658:
--------------------------------------

This is fixed in 3.6.1 and 3.7.0 versions as part of 
https://issues.apache.org/jira/browse/KAFKA-15596 

> Zookeeper.jar | CVE-2023-44981 
> -------------------------------
>
>                 Key: KAFKA-15658
>                 URL: https://issues.apache.org/jira/browse/KAFKA-15658
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: masood
>            Priority: Critical
>
> The 
> [CVE-2023-44981|https://www.mend.io/vulnerability-database/CVE-2023-44981]  
> vulnerability has been reported in the zookeeper.jar. 
> It's worth noting that the latest version of Kafka has a dependency on 
> version 3.8.2 of Zookeeper, which is also impacted by this vulnerability. 
> [https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2|https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2.]
> could you please verify its impact on the Kafka.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KAFKA-15658) Zookeeper.jar | CVE-2023-44981

Reply via email to