Lucene search

K

CVE-2023-51437 Apache Pulsar: Timing attack in SASL token signature verification

🗓️ 07 Feb 2024 09:19:18Reported by apacheType 
cvelist
 cvelist
🔗 www.cve.org👁 10 Views

Apache Pulsar timing attack in SASL token signature verification, upgrade to patched version

Show more
Related
Affected
Refs
[
  {
    "defaultStatus": "unaffected",
    "product": "Apache Pulsar",
    "vendor": "Apache Software Foundation",
    "versions": [
      {
        "lessThanOrEqual": "2.10.5",
        "status": "affected",
        "version": "0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "2.11.2",
        "status": "affected",
        "version": "2.11.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "3.0.1",
        "status": "affected",
        "version": "3.0.0",
        "versionType": "semver"
      },
      {
        "status": "affected",
        "version": "3.1.0"
      }
    ]
  }
]

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo
07 Feb 2024 09:18Current
7.5High risk
Vulners AI Score7.5
CVSS37.4
EPSS0.001
10
.json
Report