[ https://issues.apache.org/jira/browse/KAFKA-13545?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Luke Chen resolved KAFKA-13545. ------------------------------- Resolution: Won't Fix > Workaround for mitigating CVE-2021-4104 Kafka > ---------------------------------------------- > > Key: KAFKA-13545 > URL: https://issues.apache.org/jira/browse/KAFKA-13545 > Project: Kafka > Issue Type: Bug > Affects Versions: 2.8.1 > Reporter: Akansh Shandilya > Priority: Major > > A new vulnerability is published today : > https://nvd.nist.gov/vuln/detail/CVE-2021-4104 > > Kafka v2.8.1 uses log4j v1.x . Please review following information : > Is Kafka v2.8.1 impacted by CVE-2021-4104? > If yes, is there any workaround/recommendation available for Kafka v2.8.1 to > mitigate CVE-2021-4104 -- This message was sent by Atlassian Jira (v8.20.1#820001)