Super-Lu opened a new issue, #12800: URL: https://github.com/apache/skywalking/issues/12800
### Search before asking - [X] I had searched in the [issues](https://github.com/apache/skywalking/issues?q=is%3Aissue) and found no similar issues. ### Apache SkyWalking Component Java Agent (apache/skywalking-java) ### What happened When using the kafka-reporter-plugin plugin, it was found that the referenced version 2.4.1 of kafka-clients contains the publicly disclosed security vulnerability CVE-2024-31141. ### What you expected to happen I hope to modify the kafka-reporter-plugin plugin's pom.xml file by updating the dependency version number for kafka-clients from 2.4.1 to 3.8.0. The code change is as follows: <kafka-clients.version>3.8.0</kafka-clients.version> ### How to reproduce 1.Clone the skywalking-java source code to a local directory, such as D:\code 2.Enter the directory D:\code\skywalking-java\apm-sniffer\optional-reporter-plugins 3.Open the pom.xml file and find the kafka-clients property tag <kafka-clients.version>2.4.1</kafka-clients.version> ### Anything else _No response_ ### Are you willing to submit a pull request to fix on your own? - [X] Yes I am willing to submit a pull request on my own! ### Code of Conduct - [X] I agree to follow this project's [Code of Conduct](https://www.apache.org/foundation/policies/conduct) -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
