CVE-2022-33682

🗓️ 23 Sep 2022 09:25:14Reported by apacheType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 63 Views

CVE-2022-33682: Pulsar Broker & Proxy TLS hostname verification vulnerabilit

Reporter	Title	Published	Views	Family All 20
CNNVD	Apache Pulsar 信任管理问题漏洞	23 Sep 202200:00	–	cnnvd
CNVD	Apache Pulsar Trust Management Issue Vulnerability	28 Sep 202200:00	–	cnvd
Cvelist	CVE-2022-33682 Disabled Hostname Verification makes Brokers, Proxies vulnerable to MITM attack	23 Sep 202209:25	–	cvelist
EUVD	EUVD-2022-6863	3 Oct 202520:07	–	euvd
Github Security Blog	Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation	25 Sep 202200:00	–	github
NVD	CVE-2022-33682	23 Sep 202210:15	–	nvd
OSV	GHSA-JVF3-MFXV-JCQR Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation	25 Sep 202200:00	–	osv
Prion	Design/Logic Flaw	23 Sep 202210:15	–	prion
Positive Technologies	PT-2022-21798 · Apache · Apache Pulsar Websocket Proxy +2	23 Sep 202200:00	–	ptsecurity
RedhatCVE	CVE-2022-33682	23 May 202500:36	–	redhatcve

NVD

Vulners

Node

apache pulsarRange<2.7.5

apache pulsarRange2.8.0–2.8.4

apache pulsarRange2.9.0–2.9.3

apache pulsarMatch2.10.0-

[
  {
    "product": "Apache Pulsar",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "status": "affected",
        "version": "2.10.0"
      },
      {
        "lessThanOrEqual": "2.7.4",
        "status": "affected",
        "version": "2.7",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.8.3",
        "status": "affected",
        "version": "2.8",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.9.2",
        "status": "affected",
        "version": "2.9",
        "versionType": "custom"
      },
      {
        "lessThanOrEqual": "2.6.4",
        "status": "affected",
        "version": "2.6 and earlier",
        "versionType": "custom"
      }
    ]
  }
]