Is Apache Kafka 2.4.1 patched?
Apache · cycle 2.4 · end of life · Official site ↗
40/100End of life
Minimum safe version3.9.1
2.4.1 has 2 open critical-or-high vulnerabilities. Run 3.9.1 or later to clear them. See what 3.9.1 fixes →
Known issues affecting 2.4.1
Exploited first, then by exploitation probability.
CVE-2021-38153 MEDIUM EPSS 2% → fixed in 2.7.2 CVE-2025-27819 HIGH EPSS 1% → see advisory CVE-2025-27818 HIGH EPSS 1% → fixed in 3.9.1 CVE-2024-56128 MEDIUM EPSS 1% → fixed in 3.7.2 CVE-2026-33558 MEDIUM EPSS 0% → fixed in 3.9.2 CVE-2024-31141 MEDIUM EPSS 0% → see advisory