Lucene search
K

6 matches found

Circl
Circl
added 2024/01/13 1:51 p.m.6 views

CVE-2023-37544

creationtimestamp| type| source ---|---|--- 2024-01-13 13:51:35+00:00| seen| https://t.me/ctinow/167823...

7.5CVSS7.3AI score0.01351EPSS
Exploits0References1
vulnersOsv
vulnersOsv
added 2023/12/20 9:30 a.m.4 views

io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker (>=2.11.0 <=2.11.1) +7 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (>=2.11.0 <=2.11.1)

org.apache.pulsar:pulsar-websocket MAVEN version =2.11.0, =0.0.4, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.1 Source cves: CVE-2023-37544 Source advisory: OSV:GHSA-83Q5-WHQP-R8JR...

7.5CVSS7.1AI score0.01351EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/12/20 9:30 a.m.6 views

com.datastax.oss:pulsar-jms-filters (>=4.0.0 <=4.0.1), io.streamnative.oss:pulsar-jms-filters (=4.0.5) +8 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (=3.0.0)

org.apache.pulsar:pulsar-websocket MAVEN version =3.0.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-websocket and may be impacted: - com.datastax.oss:pulsar-jms-filters =4.0.0, =4.0.1 - io.streamnative.oss:pulsar-jms-filter...

7.5CVSS7.1AI score0.01351EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/12/20 9:30 a.m.4 views

com.clever-cloud:biscuit-pulsar (=3.2.1), com.github.shoothzj:test-pulsar (>=3.1.12 <=3.1.15) +12 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (>=1.19.0-incubating <=2.10.4)

org.apache.pulsar:pulsar-websocket MAVEN version =1.19.0-incubating, =3.1.12, =0.0.1, =2.0.0-rc1-incubating, =1.19.0-incubating, =1.19.0-incubating, =2.10.0, =2.10.0, =2.0.0-rc1-incubating, =2.10.0, =2.10.0, =1.19.0-incubating, =1.0.0, =1.1.0 Source cves: CVE-2023-37544 Source advisory:...

7.5CVSS7.1AI score0.01351EPSS
Exploits0
Cvelist
Cvelist
added 2023/12/20 8:34 a.m.26 views

CVE-2023-37544 Apache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS

Improper Authentication vulnerability in Apache Pulsar WebSocket Proxy allows an attacker to connect to the /pingpong endpoint without authentication. This issue affects Apache Pulsar WebSocket Proxy: from 2.8.0 through 2.8., from 2.9.0 through 2.9., from 2.10.0 through 2.10.4, from 2.11.0 throug...

7.5CVSS7.7AI score0.01351EPSS
Exploits0References2
CVE
CVE
added 2023/12/20 8:34 a.m.73 views

CVE-2023-37544

CVE-2023-37544 covers an Improper Authentication vulnerability in the Apache Pulsar WebSocket Proxy, where an attacker can connect to the /pingpong endpoint without authentication. Affected are Pulsar WebSocket Proxy releases listed in the CVE, including 2.8.0–2.8., 2.9.0–2.9. , 2.10.0–2.10.4, 2....

7.5CVSS7.4AI score0.01351EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder