[jira] [Commented] (KAFKA-15658) Zookeeper.jar | CVE-2023-44981

David Dufour (Jira) Sun, 26 Nov 2023 23:56:05 -0800


    [ 
https://issues.apache.org/jira/browse/KAFKA-15658?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17789949#comment-17789949
 ]


David Dufour commented on KAFKA-15658:
--------------------------------------

Is there any plan to fix 3.5.x as well?

> Zookeeper.jar | CVE-2023-44981 
> -------------------------------
>
>                 Key: KAFKA-15658
>                 URL: https://issues.apache.org/jira/browse/KAFKA-15658
>             Project: Kafka
>          Issue Type: Bug
>            Reporter: masood
>            Priority: Critical
>             Fix For: 3.7.0, 3.6.1
>
>
> The 
> [CVE-2023-44981|https://www.mend.io/vulnerability-database/CVE-2023-44981]  
> vulnerability has been reported in the zookeeper.jar. 
> It's worth noting that the latest version of Kafka has a dependency on 
> version 3.8.2 of Zookeeper, which is also impacted by this vulnerability. 
> [https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2|https://mvnrepository.com/artifact/org.apache.zookeeper/zookeeper/3.8.2.]
> could you please verify its impact on the Kafka.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

[jira] [Commented] (KAFKA-15658) Zookeeper.jar | CVE-2023-44981

Reply via email to