[
https://issues.apache.org/jira/browse/KAFKA-14696?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17686925#comment-17686925
]
MillieZhang commented on KAFKA-14696:
-
As you said, I'm going to fix this by turning the commit
MillieZhang created KAFKA-14696:
---
Summary: CVE-2023-25194: Apache Kafka: Possible RCE/Denial of
service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect
Key: KAFKA-14696
URL:
[
https://issues.apache.org/jira/browse/KAFKA-14045?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17622092#comment-17622092
]
MillieZhang commented on KAFKA-14045:
-
This is a duplicate issue with
[
https://issues.apache.org/jira/browse/KAFKA-13917?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17622091#comment-17622091
]
MillieZhang commented on KAFKA-13917:
-
helloļ¼this issue also affects 2.8.X
[
https://issues.apache.org/jira/browse/KAFKA-13917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
MillieZhang updated KAFKA-13917:
Attachment: image-2022-10-21-15-53-14-689.png
> Avoid calling lookupCoordinator() in tight loop
>
[
https://issues.apache.org/jira/browse/KAFKA-13917?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
MillieZhang updated KAFKA-13917:
Attachment: image-2022-10-21-15-52-20-402.png
> Avoid calling lookupCoordinator() in tight loop
>
[
https://issues.apache.org/jira/browse/KAFKA-14063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17608468#comment-17608468
]
MillieZhang commented on KAFKA-14063:
-
[~omkreddy]
thanks a lot :)
> CVE-2022-34917: Kafka message
[
https://issues.apache.org/jira/browse/KAFKA-14063?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel=17608126#comment-17608126
]
MillieZhang commented on KAFKA-14063:
-
Is it possible to consider that the vulnerability is fixed by