9 matches found

EUVD
added 2025/10/03 8:7 p.m., 10 views

EUVD-2024-1140

Malicious code in bioql PyPI...

CVSS 7.4, AI score 7, EPSS 0.01115
Exploits: 0, References: 7
SUSE CVE
added 2024/06/13 3:53 a.m., 2 views

SUSE CVE-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

CVSS 7.4, AI score 8.3, EPSS 0.01115
Exploits: 0, References: 3
OSV
added 2024/04/16 7:20 a.m., 38 views

BIT-KAFKA-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have two o...

CVSS 7.4, AI score 6.9, EPSS 0.01115
Exploits: 0, References: 2
Veracode
added 2024/04/15 8:30 a.m., 22 views

Incorrect Access Control

Apache Kafka is vulnerable to Incorrect Access Control. The vulnerability is due to an error in ACL management during ZK to KRaft mode migration, specifically when an ACL is removed while two or more other ACLs remain associated with the same resource. This condition results in Kafka treating the...

CVSS 7.4, AI score 7, EPSS 0.01115
Exploits: 0, References: 4, Affected Software: 1
Github Security Blog
added 2024/04/12 9:33 a.m., 38 views

Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

CVSS 7.4, AI score 6.9, EPSS 0.01115
Exploits: 0, References: 6, Affected Software: 1
NVD
added 2024/04/12 7:15 a.m., 22 views

CVE-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

CVSS 7.4, AI score 6.3, EPSS 0.01115
Exploits: 0, References: 3
OSV
added 2024/04/12 7:15 a.m., 7 views

CVE-2024-27309

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

CVSS 7.4, AI score 9.6
Exploits: 0, References: 3
Vulnrichment
added 2024/04/12 6:58 a.m., 68 views

CVE-2024-27309 Apache Kafka: Potential incorrect access control during migration from ZK mode to KRaft mode

While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL continues to have tw...

AI score 6.9, EPSS 0.01115
Exploits: 0, References: 3
CVE
added 2024/04/12 6:58 a.m., 338 views

CVE-2024-27309

CVE-2024-27309 describes a migration-time vulnerability in Apache Kafka when moving from ZooKeeper mode to KRaft mode. Two preconditions trigger the issue: (1) an ACL is removed, and (2) the resource still has two or more other ACLs after the removal. In that scenario Kafka may treat the resource...

CVSS 7.4, AI score 6.9, EPSS 0.01115
Exploits: 0, References: 3, Affected Software: 1