Kafka4 commons-beanutils:1.9.4

Hi, A CVE-2025-48734, has been identified in the third-party library commons-beanutils version 1.9.4. Requesting confirmation on the following: * Is a fix available in a later version of kafka4 ? * If not, is there any recommended workaround or mitigation for the current version? T

Re: Kafka4 commons-beanutils:1.9.4

Hi Sachin, Please check KAFKA-19359 for more info. Thanks. Luke On Thu, Jun 26, 2025 at 5:44 PM Sachin Jangle wrote: > Hi, > > A CVE-2025-48734, has been identified in the third-party library > commons-beanutils version 1.9.4. > Requesting co

Re: Consumer not receiving messages when subscribing to a topic but can receive message when assigning a partition

Hi Ranganath, If messages are only received when a specific partition is assigned, but not when subscribing via a consumer group. This is because: --> The consumer config has enable.auto.commit=false, but no manual offset commits are being made (commitSync() is missing). As a result, Kafka think