CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

EUVD-2023-1201

Malicious code in bioql PyPI...

GHSA-55VQ-XPJF-R2XC Lightbend Alpakka Kafka logs credentials on debug level

Lightbend Alpakka Kafka before 4.0.2 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

Lightbend Alpakka Kafka logs credentials on debug level

Lightbend Alpakka Kafka before 4.0.2 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

Design/Logic Flaw

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

Lightbend Alpakka Kafka 安全漏洞

Lightbend Alpakka Kafka is a powerful connector from Lightbend USA. A security vulnerability exists in Lightbend Alpakka Kafka versions prior to 5.0.0 that stems from log files containing sensitive information...

PT-2023-22270 · Lightbend · Alpakka Kafka

Name of the Vulnerable Software and Affected Versions: Lightbend Alpakka Kafka versions prior to 5.0.0 Description: The issue allows log files to contain credentials if plain cleartext login is configured, as the configuration is logged as debug information. This occurs in the...

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials if plain cleartext login is configured. This occurs in akka.kafka.internal.KafkaConsumerActor...

CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 stores configuration in debug logs, potentially exposing credentials in log files via akka.kafka.internal.KafkaConsumerActor. AFFECTED: Lightbend Alpakka Kafka versions prior to 5.0.0. IMPACT: credential exposure in log files. REMEDIATION: upgrade to 5.0.0 or ...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=2.0.0 <=2.0.1), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.0 <=2.0.1) +51 more potentially affected by CVE-2022-37021 via org.apache.geode:geode-core (>=1.0.0-incubating <=1.12.1)

org.apache.geode:geode-core MAVEN version =1.0.0-incubating, =2.0.0, =2.0.0, =2.0.0, =0.3.12, =0.3.5, =2.4.0, =1.22.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.0.0-incubating, =1.12.1 and more Source cves: CVE-2022-37021 Source advisory: OSV:GHSA-Q4Q3-R45F-7GWG...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=2.0.0 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.0 <=3.0.4) +53 more potentially affected by CVE-2022-37023 via org.apache.geode:geode-core (>=1.0.0-incubating <=1.14.4)

org.apache.geode:geode-core MAVEN version =1.0.0-incubating, =2.0.0, =2.0.0, =2.0.0, =0.3.12, =0.3.5, =2.4.0, =1.22.0, =1.14.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.14.4 and more Source cves: CVE-2022-37023 Source advisory: OSV:GHSA-72X9-48MC-PHH6...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=2.0.0 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.0 <=3.0.4) +53 more potentially affected by CVE-2022-37022 via org.apache.geode:geode-core (>=1.0.0-incubating <=1.14.4)

org.apache.geode:geode-core MAVEN version =1.0.0-incubating, =2.0.0, =2.0.0, =2.0.0, =0.3.12, =0.3.5, =2.4.0, =1.22.0, =1.14.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.14.4 and more Source cves: CVE-2022-37022 Source advisory: OSV:GHSA-QF8G-VPWP-6579...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=0.10 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=0.10 <=6.0.2) +71 more potentially affected by CVE-2017-9795 via org.apache.geode:geode-core (>=1.10.0 <=1.2.1)

org.apache.geode:geode-core MAVEN version =1.10.0, =0.10, =0.10, =2.0.0, =0.1.9, =2.4.0, =1.22.0, =1.14.0, =1.10.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.15.3 and more Source cves: CVE-2017-9795 Source advisory: OSV:GHSA-6M68-3W55-6MX4...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (>=0.10 <=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=0.10 <=6.0.2) +71 more potentially affected by CVE-2017-15695 via org.apache.geode:geode-core (>=1.10.0 <=1.4.0)

org.apache.geode:geode-core MAVEN version =1.10.0, =0.10, =0.10, =2.0.0, =0.1.9, =2.4.0, =1.16.0, =1.14.0, =1.4.0, =1.10.0, =1.10.0, =1.12.0, =1.11.0, =1.15.3 and more Source cves: CVE-2017-15695 Source advisory: OSV:GHSA-JMG4-X4VP-6C6X...

com.lightbend.akka:akka-stream-alpakka-geode_2.11 (=2.0.2), com.lightbend.akka:akka-stream-alpakka-geode_2.12 (>=2.0.2 <=3.0.4) +41 more potentially affected by CVE-2021-34797 via org.apache.geode:geode-core (>=1.13.0 <=1.13.4)

org.apache.geode:geode-core MAVEN version =1.13.0, =2.0.2, =2.0.2, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.0, =1.13.2, =1.13.2, =1.13.2, =1.13.0, =1.13.0, =1.13.4 and more Source cves: CVE-2021-34797 Source advisory: OSV:GHSA-MW25-F5R2-HPC6...