I file https://issues.apache.org/jira/browse/KAFKA-19966 for the updates
On 2025/12/04 06:28:52 "V, Brundha via dev" wrote: > > Hi, > Latest version of kafka-clients:4.1.1 has CVE related to 'commons-beanutils'. > I see that parent package 'commons-validator' is already upgraded in code but > I don't see any releases having this upgraded version on maven repository. > Kindly make the version available as soon as possible on maven as this CVE is > under HIGH category. > > Thanks. > Brundha S V > >
