Re: HACKING vulnerability is SpringBoot (Java) for apache kafka

2022-04-04 Thread Kafka Life
Dear Luke,

Thank you for your kind and prompt response.

On Mon, Apr 4, 2022 at 1:23 PM Luke Chen wrote:
> Hi,
>
> The impact for the CVE-2022-22965? Since this is a RCE vulnerability, which
> means the whole system (including Kafka and ZK) is under the attackers'
> control, and can do whatever

Re: HACKING vulnerability is SpringBoot (Java) for apache kafka

2022-04-04 Thread Luke Chen
Hi,

The impact for the CVE-2022-22965? Since this is a RCE vulnerability, which means the whole system (including Kafka and ZK) is under the attackers' control, and can do whatever they want. The ideal fix for this is to upgrade Spring Framework 5.3.18 and 5.2.20 or greater. Alternatively, you ca

HACKING vulnerability is SpringBoot (Java) for apache kafka

2022-04-04 Thread Kafka Life
Hi Kafka Experts,

Regarding the recent threat of vulnerability in Spring Framework, CVE-2022-22965 vulnerability is SpringBoot (Java) for Apache Kafka and ZooKeeper. Could one of you suggest how Apache Kafka and ZK are impacted and what should be the ideal fix for this. Vulnerability in the Spri