Hello Team,
As we have Log4J vulnerability CVE-2021-44228, CVSS 10.0 (Critical), can you
please confirm, when we have Kafka version release which has this vulnerability
fix and has Log4J version 2.17?
Regards,
Deepti Sharma
PMP(r) & ITIL
Hello Deepti
The core Kafka components are not affected by this vulnerability. Core
Kafka components use log4j1 and not log4j2
If you use Kafka connectors, please check with your vendor to make sure
that the connectors are not using log4j2
Check out the official announcement from the project
ht
Hello Team,
As we have Log4J vulnerability CVE-2021-44228, CVSS 10.0 (Critical), can you
please confirm, when we have Kafka version release which has this vulnerability
fix and has Log4J version 2.17?
Regards,
Deepti Sharma
PMP(r) & ITIL
