CVE-2022-36944 in kafka:0.31.1-kafka-3.2.3 Docker image

[Strese7]

Hi, is it planned to fix this CVE? (Scala lib fixed in the version 2.13.9)

[scholzj]

Strimzi is using the Kafka binaries provided by Apache Kafka. So this needs to be fixed in Apache Kafka. That said, AFAIU Kafka is not affected by this CVE as it does not use the functionality where the issue is (but I'm not an authoritative source, its just my understanding).