[fix][sec] Override kafka-clients in kinesis-kpl-shaded to remediate CVE-2024-31141 and CVE-2025-27817 (#24935)

Author: guptas6est

pulsar-io/kinesis-kpl-shaded/pom.xml

@@ -53,6 +53,12 @@
         <type>pom</type>
         <scope>import</scope>
       </dependency>
+      <!-- enforce kafka client version that gets pulled transitively -->
+      <dependency>
+        <groupId>org.apache.kafka</groupId>
+        <artifactId>kafka-clients</artifactId>
+        <version>${kafka-client.version}</version>
+      </dependency>
     </dependencies>
   </dependencyManagement>
   <dependencies>