Confluent Platform 5.3.7 contains security fixes for the following open source packages:
CVE |
CVSS |
Vulnerable Package Version |
Upgraded Package Version |
5.3 |
jakarta.el:jakarta.el-api < 3.0.4 |
jakarta.el:jakarta.el-api:4.0.0 |
This patch release version of CP is not impacted by CVE-2021-44228. In regards to CVE-2021-4104, please refer to this link for additional information about log4j1.