Confluent operator cve-2024-45337 vulnerability

Beniyeal1 · 21 February 2025 03:53

Hi Team,

Confluent operator images has cve-2024-45337 vulnerability and could not find a latest version that resolved this. Kindly confirm when this can be resolved.

|CFK Helm Version|CFK Image Tag|
|2.10.0|0.1145.6|

dtroiano · 21 February 2025 16:33

Hi @Beniyeal1 and welcome to the forum

For any specific questions about cve-2024-45337, please submit a ticket to Confluent Support.

Also for reference, here is Confluent’s policy on addressing and publishing communications around vulnerabilities. I don’t see a security advisory published here on that particular vulnerability.

Topic		Replies	Views
Resolving CVE-2022-48566 and CVE-2023-40217 Kafka Connect	1	1248	29 October 2023
Vulnerabilities in latest docker image of confluentinc/cp-schema-registry:7.2.0 Schema Registry	0	3063	20 July 2022
Security vulnerability in confluent-7.3.0 ksqlDB	2	3292	10 December 2022
Is the kafka-connect docker image confluentinc/cp-kafka-connect-base:5.5.0 affected by the log4j vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228? Kafka Connect	2	3257	14 December 2021
Critical security vulnerability code-named “Log4Shell” (tracked as CVE-2021-44228) Managed Connectors	3	3492	21 December 2021

Confluent operator cve-2024-45337 vulnerability

Related topics