Dear Team, We are getting vulnerability due to Log4j- v1.2.17 jar being used in Kafka_2.11-2.4.0. We tried to upgrade the same to Kafka_2.13-3.1.0 to remediate vulnerability due to Log4j- v1.2.17 (obsolete version- Log4j 1.x has reached End of Life in 2015 and is no longer supported.) but found this version of Kafka do not use Log4j v2.X
As per your website there is no such information available. Please let us know when this will get upgraded. Please us know how to get this vulnerability remediated as we need to upgrade Log4j to v2.x Thanks & Regards, Sandip Bhunia Cell: 9932245061 Em@il<mailto:Em@il> : sandip.bhu...@tcs.com<mailto:sandip.bhu...@tcs.com> Advance Notice of Holidays: =====-----=====-----===== Notice: The information contained in this e-mail message and/or attachments to it may contain confidential or privileged information. If you are not the intended recipient, any dissemination, use, review, distribution, printing or copying of the information contained in this e-mail message and/or attachments to it are strictly prohibited. If you have received this communication in error, please notify us by reply e-mail or telephone and immediately and permanently delete the message and any attachments. Thank you