Security Advisories and Security Release Notes
Follow this section for security advisory notifications
- Security Release Notes for CP 7.4.1
- CONFSA-2023-06: Confluent Platform Vulnerability - Denial of Service (DoS) due to unchecked multiplications or unchecked chunk length
- CONFSA-2023-05: Specific Confluent-built connectors are vulnerable to CVE-2023-32697 that can lead to Remote Code Execution (RCE) vulnerability via JDBC URL leveraging Connect REST API
- Security Release Notes for CP 6.0.14
- Security Release Notes for CP 6.1.12
- Security Release Notes for CP 6.2.11
- Security Release Notes for CP 7.0.10
- Security Release Notes for CP 7.1.8
- Security Release Notes for CP 7.2.6
- Security Release Notes for CP 7.3.4
- Security Release Notes for CFK 2.6.1
- Security Release Notes for CFK 2.5.3
- Security Release Notes for CFK 2.5.4
- CONFSA-2023-03: Confluent Platform Vulnerability in Schema Registry: Schema links can be misused to bypass Role Based Access Control (RBAC) based read restrictions on Schema Registry
- Security Release Notes for CFK 2.5.2
- Security Release Notes for CFK 2.4.4
- CONFSA-2023-04: Confluent Platform and Confluent Cloud Vulnerability - ksqlDB Logging of sensitive information
- CONFSA-2023-01: Confluent Platform - DEBUG level logging could result in sensitive information exposure
- Security Release Notes for CP 7.3.3
- Security Release Notes for CP 7.2.5
- Security Release Notes for CP 7.1.7
- Security Release Notes for CP 7.0.9
- Security Release Notes for CP 6.2.10
- Security Release Notes for CP 6.1.11
- Security Release Notes for CP 6.0.13
- Security Release Notes for CP 5.5.15
- Security Release Notes for CP 7.1.6
- Security Release Notes for CP 7.0.8
- Security Release Notes for CP 6.2.9
- Security Release Notes for CP 6.1.10