[
https://issues.apache.org/jira/browse/CAMEL-19672?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17758195#comment-17758195
]
Claus Ibsen commented on CAMEL-19672:
-------------------------------------
You just add kafka-client 3.5.1 as dependency yourself and use that.
Spring Boot comes with a default kafka client version in their releases, that
is what Andrea talks about.
So camel-kafka-starter will out of the box use what version Spring Boot comes
with.
> CVE 2023-34455 - Vulnerability with Camel-Kafka
> -----------------------------------------------
>
> Key: CAMEL-19672
> URL: https://issues.apache.org/jira/browse/CAMEL-19672
> Project: Camel
> Issue Type: Dependency upgrade
> Reporter: Sasikumar Muthukrishnan Sampath
> Priority: Minor
>
> This vulnerability is from apache kafka and they have fixed this issue and
> released new versions.
> [KAFKA-15096] CVE 2023-34455 - Vulnerability identified with Apache kafka -
> ASF JIRA
>
> Please upgrade camel kafka with the fix from apache kafka and release newer
> versions.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
