14 matches found
CVE-2026-27133
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...
CVE-2026-27133
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...
CVE-2026-27133 Strimzi All CAs from CA chain will be trusted in Kafka Connect and Kafka MirrorMaker 2 target clusters
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 to before 0.50.1, when a chain consisting of multiple CA Certificate Authority certificates is used in the trusted certificates configuration of a Kafka Connect opera...
CVE-2026-27133
Summary: Strimzi Kafka Connect and Kafka MirrorMaker 2 operands on Kubernetes/OpenShift trust every CA in a multi-CA chain when configured as trusted certificates (versions 0.47.0–0.50.0). This allows certificates signed by any CA in the chain to be accepted when connecting to brokers, potentiall...
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands
Impact In some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands the GET access to all Kubernetes Secrets that exist in the given Kubernetes namespace. The exact scenario when this happens is when: Apache Kafka...
GHSA-XRHH-HX36-485Q Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands
Impact In some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands the GET access to all Kubernetes Secrets that exist in the given Kubernetes namespace. The exact scenario when this happens is when: Apache Kafka...
EUVD-2025-201497
Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands...
CVE-2025-66623
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands th...
CVE-2025-66623 Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands th...
CVE-2025-66623 Strimzi allows unrestricted access to all Secrets in the same Kubernetes namespace from Kafka Connect and MirrorMaker 2 operands
Strimzi provides a way to run an Apache Kafka cluster on Kubernetes or OpenShift in various deployment configurations. From 0.47.0 and prior to 0.49.1, in some situations, Strimzi creates an incorrect Kubernetes Role which grants the Apache Kafka Connect and Apache Kafka MirrorMaker 2 operands th...
PT-2025-49308
Name of the Vulnerable Software and Affected Versions Strimzi versions 0.47.0 through 0.49.0 Description Strimzi allows running an Apache Kafka cluster on Kubernetes or OpenShift. Versions from 0.47.0 up to 0.49.0 incorrectly create a Kubernetes Role. This role grants Apache Kafka Connect and...
CVE-2024-36543
Incorrect access control in the Kafka Connect REST API in the STRIMZI Project 0.41.0 and earlier allows an attacker to deny the service for Kafka Mirroring, potentially mirror the topics' content to his Kafka cluster via a malicious connector bypassing Kafka ACL if it exists, and potentially stea...
PT-2024-27064 · Unknown · Strimzi Project
Name of the Vulnerable Software and Affected Versions: STRIMZI Project versions 0.41.0 and earlier Description: The issue is related to incorrect access control in the Kafka Connect REST API, which can be exploited to deny service for Kafka Mirroring. An attacker can potentially mirror topics'...
Strimzi Security Vulnerability
Strimzi is a program from the Strimzi open source that allows running Apache Kafka clusters on Kubernetes in various deployment configurations. A security vulnerability exists in Strimzi 0.41.0 and earlier versions, which stems from incorrect access control in the Kafka Connect REST API, allowing...