Thomas Cooper created FLINK-36821: ------------------------------------- Summary: Upgrade Kafka Client version to 3.9.0 Key: FLINK-36821 URL: https://issues.apache.org/jira/browse/FLINK-36821 Project: Flink Issue Type: Improvement Components: Connectors / Kafka Affects Versions: kafka-3.4.0 Reporter: Thomas Cooper
Currently, the Flink Kafka Connector uses Kafka client version 3.4.0. This has a medium severity vulnerability ([CVE-2024-31141|[https://nvd.nist.gov/vuln/detail/CVE-2024-31141]) and needs to be upgraded to >= 3.8.0 to address it. 3.9.0 is the most recently released version and between that and 3.4.0 there have been numerous bug and performance fixes so we should upgrade. -- This message was sent by Atlassian Jira (v8.20.10#820010)