MillieZhang created KAFKA-14696: ----------------------------------- Summary: CVE-2023-25194: Apache Kafka: Possible RCE/Denial of service attack via SASL JAAS JndiLoginModule configuration using Kafka Connect Key: KAFKA-14696 URL: https://issues.apache.org/jira/browse/KAFKA-14696 Project: Kafka Issue Type: Bug Components: KafkaConnect Affects Versions: 2.8.2, 2.8.1 Reporter: MillieZhang Fix For: 3.4.0
CVE Reference: [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-34917] Will Kafka 2.8.X provide a patch to fix this vulnerability? If yes, when will the patch be provided? Thanks -- This message was sent by Atlassian Jira (v8.20.10#820010)