Lucene search
K

7 matches found

Veracode
Veracode
added 2023/05/04 2:21 a.m.66 views

Password Disclosure

akka-stream-kafka is vulnerable to Password Disclosure. The vulnerability exists because it does not redact the Consumer or Producer properties in logs, which allows an attacker to read credentials as plaintext through the akka.kafka.internal.KafkaConsumerActor when debug logging is enabled...

5.5CVSS5.5AI score0.00152EPSS
Exploits0References4Affected Software3
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.5 views

com.github.arielf-camacho:kafka-utils_2.12 (>=1.0.1 <=1.0.3), com.github.j5ik2o:akka-persistence-dynamodb-kafka-write-adaptor_2.12 (=1.1.0) +56 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.12 (>=0.13 <=4.0.1)

com.typesafe.akka:akka-stream-kafka2.12 MAVEN version =0.13, =1.0.1, =1.0.1, =2.0.5, =1.0.0, =0.3, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =0.0.0-NIGHTLY01122020, =1.4.0, =1.4.0, =1.4.0, =1.4.0, =1.6.8-RC1 and more Source cves:...

5.5CVSS6AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.6 views

com.typesafe.akka:akka-stream-kafka-cluster-sharding_3 (=4.0.1), com.typesafe.akka:akka-stream-kafka-testkit_3 (=4.0.1) potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_3 (=4.0.1)

com.typesafe.akka:akka-stream-kafka3 MAVEN version =4.0.1 is affected by a known vulnerability. The following packages have a transitive dependency on com.typesafe.akka:akka-stream-kafka3 and may be impacted: - com.typesafe.akka:akka-stream-kafka-cluster-sharding3 =4.0.1 -...

5.5CVSS6AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.4 views

com.github.j5ik2o:akka-persistence-dynamodb-kafka-write-adaptor_2.11 (=1.1.0), com.github.j5ik2o:akka-persistence-kafka_2.11 (>=1.0.4 <=1.0.5) +1 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=2.0.0 <=2.0.7)

com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =2.0.0, =1.0.4, =2.0.0, =2.0.7 Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...

5.5CVSS6AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.7 views

com.lightbend.lagom:lagom-javadsl-integration-client_2.11 (>=1.5.0 <=1.5.5), com.lightbend.lagom:lagom-javadsl-kafka-broker_2.11 (>=1.5.0 <=1.5.5) +7 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=1.0 <=1.1.0)

com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =1.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.5.0, =1.0, =1.1.0-RC2 Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...

5.5CVSS6AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.6 views

com.adendamedia:cornucopia_2.11 (>=0.5.0 <=0.6.2), com.deciphernow:franz_2.11 (=1.0.0) +17 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.11 (>=0.11-M2 <=0.22)

com.typesafe.akka:akka-stream-kafka2.11 MAVEN version =0.11-M2, =0.5.0, =2.0.5, =0.1.3, =1.0.0, =1.2.0, =1.2.0, =1.2.0, =1.3.0, =1.3.0, =1.3.0, =1.3.0, =1.4.9, =1.4.15 - de.nierbeck.floating.data:akka-ingest2.11 =0.1.1 - de.nierbeck.floating.data:akka-server2.11 =0.1.1 and more Source cves:...

5.5CVSS6AI score0.00152EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2023/04/27 9:30 p.m.5 views

biz.lobachev.annette:application_2.13 (>=0.1.2 <=0.3.0), biz.lobachev.annette:attributes_2.13 (>=0.1.2 <=0.2.5) +71 more potentially affected by CVE-2023-29471 via com.typesafe.akka:akka-stream-kafka_2.13 (>=1.0.4 <=4.0.1)

com.typesafe.akka:akka-stream-kafka2.13 MAVEN version =1.0.4, =0.1.2, =0.1.2, =0.1.2, =0.3.0, =0.1.2, =0.1.2, =0.3.0, =0.3.0, =1.0.1, =22.10.0, =0.1.6, =0.1, =0.0.0-NIGHTLY01122020, =back-to-core-SNAPSHOT-4 and more Source cves: CVE-2023-29471 Source advisory: OSV:GHSA-55VQ-XPJF-R2XC...

5.5CVSS6AI score0.00152EPSS
Exploits0
Rows per page
Query Builder