Lucene search

4 matches found

Chainguard
added 2026/06/09 1:17 p.m., 7 views

GHSA-5X3R-WRVG-RP6Q vulnerabilities

Vulnerabilities for packages: flyway-fips, commercial-elasticsearch, kayenta, airbyte-server-fips, grpc-java-fips, apache-nifi, spark-kubernetes-operator-fips, apache-hop-fips, knative-kafka-broker-fips, reposilite, camunda, spark-fips, opensearch, management-api-for-apache-cassandra-4.1, wildfly...

AI score: 5.9
Exploits: 0
RedhatCVE
added 2025/05/23 2:18 a.m., 10 views

CVE-2023-51437

Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users should also consider...

CVSS: 7.4, AI score: 6.6, EPSS: 0.00763
Exploits: 0, References: 1
RedhatCVE
added 2025/05/23 12:36 a.m., 12 views

CVE-2022-33682

TLS hostname verification cannot be enabled in the Pulsar Broker's Java Client, the Pulsar Broker's Java Admin Client, the Pulsar WebSocket Proxy's Java Client, and the Pulsar Proxy's Admin Client leaving intra-cluster connections and geo-replication connections vulnerable to man in the middle...

CVSS: 5.9, AI score: 6.7, EPSS: 0.00581
Exploits: 0, References: 1
OSV
added 2024/03/12 7:15 p.m., 8 views

CVE-2024-28098

The vulnerability allows authenticated users with only produce or consume permissions to modify topic-level policies, such as retention, TTL, and offloading settings. These management operations should be restricted to users with the tenant admin role or super user role. This issue affects Apache...

CVSS: 5.4, AI score: 6.3, EPSS: 0.01701
Exploits: 0, References: 3