garyrussell
commented
2 years ago spring-integration-kafka is not affected. In any case, this project is no longer active; the code was moved to the main spring-integration repository nearly 2 years ago https://github.com/spring-projects/spring-integration
Is spring-integration-kafka affected by rce vulnerability? If so, will a new version be released?
cve-2022-2296 :Spring Framework RCE via Data Binding on JDK 9+ https://tanzu.vmware.com/security/cve-2022-22965