The following information is provided to alert you about vulnerabilities in Confluent software. For further inquiries, please email support@confluent.io or submit a ticket using the Support Portal.
Executive Summary
The following Confluent packages are known to have critical/high CVEs:
- com.fasterxml.jackson.core_jackson-databind:2.10.2
- com.fasterxml.jackson.core_jackson-databind:2.9.10
- com.fasterxml.jackson.core_jackson-databind:2.9.10.3
- io.netty_netty-codec:4.1.36.Final
- io.netty_netty-codec:4.1.42.Final
- io.netty_netty-codec:4.1.45.Final
- log4j_log4j:1.2.17
- org.apache.activemq_activemq-client:5.14.4
- org.eclipse.jetty_jetty-io:9.4.20.v20190813
- org.jolokia_jolokia-core:1.3.6
- org.yaml_snakeyaml:1.12
- org.yaml_snakeyaml:1.16
- org.yaml_snakeyaml:1.23
The following sections provide more detailed information about specific packages and resolutions.
Confluent Platform
The Confluent Platform tar archive, and subsequent docker/deb/rpm packages are affected by the following known CVEs.
com.fasterxml.jackson.core_jackson-databind:2.10.2
- CVEs: CVE-2020-25649 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: Subsequent 5.X.Y and 6.X.Y releases of the Confluent Platform will update jackson databind version to 2.10.5.1 or above.
com.fasterxml.jackson.core_jackson-databind:2.9.10
- CVEs: CVE-2020-9548 (critical, CVSS=9.8) CVE-2020-9547 (critical, CVSS=9.8) CVE-2020-9546 (critical, CVSS=9.8) CVE-2020-8840 (critical, CVSS=9.8) CVE-2019-20330 (critical, CVSS=9.8) CVE-2019-17531 (critical, CVSS=9.8) CVE-2019-16943 (critical, CVSS=9.8) CVE-2019-16942 (critical, CVSS=9.8) CVE-2020-11113 (high, CVSS=8.8) CVE-2020-11112 (high, CVSS=8.8) CVE-2020-11111 (high, CVSS=8.8) CVE-2020-10969 (high, CVSS=8.8) CVE-2020-10968 (high, CVSS=8.8) CVE-2020-10673 (high, CVSS=8.8) CVE-2020-10672 (high, CVSS=8.8) CVE-2020-35491 (high, CVSS=8.1) CVE-2020-35490 (high, CVSS=8.1) CVE-2020-24750 (high, CVSS=8.1) CVE-2020-24616 (high, CVSS=8.1) CVE-2020-14195 (high, CVSS=8.1) CVE-2020-14062 (high, CVSS=8.1) CVE-2020-14061 (high, CVSS=8.1) CVE-2020-14060 (high, CVSS=8.1) CVE-2020-11620 (high, CVSS=8.1) CVE-2020-11619 (high, CVSS=8.1) CVE-2020-25649 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is a shaded jar named parquet-jackson-1.11; currently awaiting transitive parquet release. This jar can be safely deleted if HDFS and S3 connectors are not in use. This dependency is completely moved out of Confluent Platform in version 6.0, and is fixed in version 5.4.3, 5.5.2 and above.
com.fasterxml.jackson.core_jackson-databind:2.9.10.3
- CVEs: CVE-2020-9548 (critical, CVSS=9.8) CVE-2020-9547 (critical, CVSS=9.8) CVE-2020-9546 (critical, CVSS=9.8) CVE-2020-11113 (high, CVSS=8.8) CVE-2020-11112 (high, CVSS=8.8) CVE-2020-11111 (high, CVSS=8.8) CVE-2020-10969 (high, CVSS=8.8) CVE-2020-10968 (high, CVSS=8.8) CVE-2020-10673 (high, CVSS=8.8) CVE-2020-10672 (high, CVSS=8.8) CVE-2020-35491 (high, CVSS=8.1) CVE-2020-35490 (high, CVSS=8.1) CVE-2020-24750 (high, CVSS=8.1) CVE-2020-24616 (high, CVSS=8.1) CVE-2020-14195 (high, CVSS=8.1) CVE-2020-14062 (high, CVSS=8.1) CVE-2020-14061 (high, CVSS=8.1) CVE-2020-14060 (high, CVSS=8.1) CVE-2020-11620 (high, CVSS=8.1) CVE-2020-11619 (high, CVSS=8.1) CVE-2020-25649 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-base-new, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-init-container-operator, tags:5.4.2.0-ubi8
- confluentinc/cp-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-mqtt, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafkacat, tags:5.4.2-1-ubi8
- confluentinc/cp-ksql-cli, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: Version 5.5.x and 5.4.3 of Confluent Platform update jackson-databind to 2.10.x.
io.netty_netty-codec:4.1.36.Final
- CVEs: CVE-2020-11612 (critical, CVSS=9.8) CVE-2019-20445 (critical, CVSS=9.1) CVE-2019-20444 (critical, CVSS=9.1) CVE-2019-16869 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3, 5.5.2, and above of Confluent Platform.
io.netty_netty-codec:4.1.42.Final
- CVEs: CVE-2020-11612 (critical, CVSS=9.8) CVE-2019-20445 (critical, CVSS=9.1) CVE-2019-20444 (critical, CVSS=9.1)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3, 5.5.2, and above of Confluent Platform.
io.netty_netty-codec:4.1.45.Final
- CVEs: CVE-2020-11612 (critical, CVSS=9.8)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-base-new, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-init-container-operator, tags:5.4.2.0-ubi8
- confluentinc/cp-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-mqtt, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafkacat, tags:5.4.2-1-ubi8
- confluentinc/cp-ksql-cli, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3, 5.5.2, and above of Confluent Platform.
log4j_log4j:1.2.17
- CVEs: CVE-2019-17571 (critical, CVSS=9.8)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-mqtt, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-ksql-cli, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: Confluent Platform is not directly affected by this CVE. If you are running the SocketServer pattern for logs generated by Confluent Platform, disable the socket port enabled by the SocketServer class in Log4j from being opened to the public network. In addition, this is fixed in version 5.4.3 and above of Confluent Platform.
org.apache.activemq_activemq-client:5.14.4
- CVEs: CVE-2019-0222 (high, CVSS=7.5) CVE-2018-11775 (high, CVSS=7.4)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: Version 5.4.3 of Confluent Platform includes an updated version of ActiveMQ.
org.eclipse.jetty_jetty-io:9.4.20.v20190813
- CVEs: CVE-2020-27216 (high, CVSS=7.8)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-mqtt, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-ksql-cli, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: Subsequent 5.X.Y and 6.X.Y releases of the Confluent Platform will update jetty to version 9.4.33.v20201020 or above.
org.jolokia_jolokia-core:1.3.6
- CVEs: CVE-2018-10899 (high, CVSS=8.8)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3 and above of Confluent Platform.
org.yaml_snakeyaml:1.12
- CVEs: CVE-2017-18640 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3 and above of Confluent Platform.
org.yaml_snakeyaml:1.16
- CVEs: CVE-2017-18640 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3 and above of Confluent Platform.
org.yaml_snakeyaml:1.23
- CVEs: CVE-2017-18640 (high, CVSS=7.5)
- Vulnerable docker images and corresponding deb/rpm packages
- confluentinc/cp-base-new, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-control-center-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-enterprise-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-executable, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-enterprise-replicator-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-init-container-operator, tags:5.4.2.0-ubi8
- confluentinc/cp-kafka, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-mqtt, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafka-rest, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-kafkacat, tags:5.4.2-1-ubi8
- confluentinc/cp-ksql-cli, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server, tags:5.4.2, 5.4.2-1-deb9, 5.4.2-1-ubi8
- confluentinc/cp-ksql-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-schema-registry, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-schema-registry-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-base, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-server-connect-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-server-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- confluentinc/cp-zookeeper, tags:5.4.2, 5.4.2-1-deb8, 5.4.2-1-ubi8
- confluentinc/cp-zookeeper-operator, tags:5.4.2.0, 5.4.2.0-ubi8
- Resolution and mitigation: This is fixed in version 5.4.3 and above of Confluent Platform.
Version: 77ba16dd5f469fcf56253bdc01232c25446c4918