12 matches found
CVE-2023-29471
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...
Security Bulletin: IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities.
Summary IBM Operations Analytics Predictive Insights v1.3.6 ifix7 contains fixes for multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-32007 DESCRIPTION: Apache Spark could allow a remote authenticated attacker to execute arbitrary commands on the...
CVE-2023-29471
creationtimestamp| type| source ---|---|--- 2023-04-28 00:26:47+00:00| seen| https://t.me/cibsecurity/63016...
com.typesafe.akka:akka-stream-kafka-cluster-sharding_3 (=4.0.1), com.typesafe.akka:akka-stream-kafka-testkit_3 (=4.0.1) potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_3 (=4.0.1)
com.typesafe.akka:akka-stream-kafka3 MAVEN version =4.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on com.typesafe.akka:akka-stream-kafka3 and may be impacted: - com.typesafe.akka:akka-stream-kafka-cluster-sharding3 =4.0.1 -...
com.lightbend.lagom:lagom-javadsl-integration-client_2.11 (>=1.5.0 <=1.5.5), com.lightbend.lagom:lagom-javadsl-kafka-broker_2.11 (>=1.5.0 <=1.5.5) +7 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=1.0 <=1.1.0)
com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =1.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.0, =1.1.0-RC2 Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...
com.adendamedia:cornucopia_2.11 (>=0.5.0 <=0.6.2), com.deciphernow:franz_2.11 (=1.0.0) +17 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=0.11-M2 <=0.22)
com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =0.11-M2, =0.5.0, =2.0.5, =0.1.3, =1.0.0, =1.2.0, =1.2.0, =1.2.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.4.9, =1.4.15 - de.nierbeck.floating.data:akka-ingest2.11 =0.1.1 - de.nierbeck.floating.data:akka-server2.11 =0.1.1 and more Source cves:...
biz.lobachev.annette:application_2.13 (>=0.1.2 <=0.3.0), biz.lobachev.annette:attributes_2.13 (>=0.1.2 <=0.2.5) +71 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.13 (>=1.0.4 <=4.0.1)
com.typesafe.akka:akka-stream-kafka2.13 MAVEN version =1.0.4, =0.1.2, =0.1.2, =0.1.2, =0.3.0, =0.1.2, =0.1.2, =0.3.0, =0.3.0, =1.0.1, =22.10.0, =0.1.6, =0.1, =0.0.0-NIGHTLY01122020, =back-to-core-SNAPSHOT-4 and more Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...
com.github.arielf-camacho:kafka-utils_2.12 (>=1.0.1 <=1.0.3), com.github.j5ik2o:akka-persistence-dynamodb-kafka-write-adaptor_2.12 (=1.1.0) +56 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.12 (>=0.13 <=4.0.1)
com.typesafe.akka:akka-stream-kafka2.12 MAVEN version =0.13, =1.0.1, =1.0.1, =2.0.5, =1.0.0, =0.3, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.6.8-RC1 and more Source cves:...
CVE-2023-29471
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...
CVE-2023-29471
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...
CVE-2023-29471
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...
CVE-2023-29471
Lightbend Alpakka Kafka before 5.0.0 stores configuration in debug logs, potentially exposing credentials in log files via akka.kafka.internal.KafkaConsumerActor. AFFECTED: Lightbend Alpakka Kafka versions prior to 5.0.0. IMPACT: credential exposure in log files. REMEDIATION: upgrade to 5.0.0 or ...