Hello everyone, as this (https://issues.apache.org/jira/browse/KAFKA-9366) Jira issue already mentiones, all Kafka versions are currently affected by the CVE-2019-17571
We would now need to know if there actually is a way of exploiting this vulnerability and, if so, how it can be reproduced/tested. Furthermore should there be a way of exploitation it would be great to know what can be done to mitigate risk (e.g. sanitize messages, partially disable logging, etc.) Any ideas on the issue? Thanks a lot in advance! and kind regards Alexander Ortner ARZ Allgemeines Rechenzentrum GmbH Online Banking Solutions
