Thomas Cooper created FLINK-36821:
-------------------------------------
Summary: Upgrade Kafka Client version to 3.9.0
Key: FLINK-36821
URL: https://issues.apache.org/jira/browse/FLINK-36821
Project: Flink
Issue Type: Improvement
Components: Connectors / Kafka
Affects Versions: kafka-3.4.0
Reporter: Thomas Cooper
Currently, the Flink Kafka Connector uses Kafka client version 3.4.0.
This has a medium severity vulnerability
([CVE-2024-31141|[https://nvd.nist.gov/vuln/detail/CVE-2024-31141]) and needs
to be upgraded to >= 3.8.0 to address it.
3.9.0 is the most recently released version and between that and 3.4.0 there
have been numerous bug and performance fixes so we should upgrade.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
