CVE‑2025‑12183 this vulnerability compression.type for topic and producer

asif123 · 24 December 2025 10:38

Please assist to check the compression.type configuration for Kafka Broker and also at topic level to assess if CVE‐2025‐12183 is affecting applications.

This is with regards to the latest vulnerability found related to Kafka:

Sonatype CVE Feed - CVE‐2025‐12183

dtroiano · 5 January 2026 15:49

The lz4-java dependency was upgraded from 1.8.0 to 1.10.1 as part of the Apache Kafka 4.1 release and also backported to 3.9.2 (JIRA, GitHub).

Topic		Replies	Views
Compression in confluent kafka Confluent Cloud	0	1167	15 November 2023
CVE confluent-kafka-7.2.2 Kafka Streams	0	2913	12 October 2022
Is the kafka-connect docker image confluentinc/cp-kafka-connect-base:5.5.0 affected by the log4j vulnerability https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228? Kafka Connect	2	3275	14 December 2021
How to handle Confluent CVEs? Ops	4	3165	5 October 2021
Vulnerabilities Fix Kafka Connect	4	225	8 January 2025

CVE‑2025‑12183 this vulnerability compression.type for topic and producer

Related topics