[ https://issues.apache.org/jira/browse/KAFKA-15658?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17785874#comment-17785874 ]
Divij Vaidya commented on KAFKA-15658: -------------------------------------- 3.6.1 - tentative release in Dec'23 3.7.0 - scheduled release in Jan'24 > Zookeeper.jar | CVE-2023-44981 > ------------------------------- > > Key: KAFKA-15658 > URL: https://issues.apache.org/jira/browse/KAFKA-15658 > Project: Kafka > Issue Type: Bug > Reporter: masood > Priority: Critical > Fix For: 3.7.0, 3.6.1 > > > The > [CVE-2023-44981|https://www.mend.io/vulnerability-database/CVE-2023-44981] > vulnerability has been reported in the zookeeper.jar. > It's worth noting that the latest version of Kafka has a dependency on > version 3.8.2 of Zookeeper, which is also impacted by this vulnerability. > [https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2|https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2.] > could you please verify its impact on the Kafka. -- This message was sent by Atlassian Jira (v8.20.10#820010)