10 matches found
CVE-2026-29190
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
CVE-2026-29190
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
CVE-2026-29190
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
CVE-2026-29190 Karapace: Path Traversal in Backup Reader
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
CVE-2026-29190 Karapace: Path Traversal in Backup Reader
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
EUVD-2026-10147
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
CVE-2026-29190
Karapace (open-source Kafka REST/Schema Registry) prior to v6.0.0 contains a Path Traversal in the backup reader (backup/backends/v3/backend.py). An attacker could read arbitrary files on the host where Karapace runs by supplying a malicious backup file, with impact depending on the process’s fil...
CVE-2026-29190 Karapace: Path Traversal in Backup Reader
Karapace is an open-source implementation of Kafka REST and Schema Registry. Prior to version 6.0.0, there is a Path Traversal vulnerability in the backup reader backup/backends/v3/backend.py. If a malicious backup file is provided to Karapace, an attacker may exploit insufficient path validation...
PT-2026-23862
Name of the Vulnerable Software and Affected Versions Karapace versions prior to 6.0.0 Description Karapace is an implementation of Kafka REST and Schema Registry. A path traversal flaw exists in the backup reader backup/backends/v3/backend.py in versions before 6.0.0. An attacker providing a...
karapace 路径遍历漏洞
Karapace is an open-source message queue tool developed by Aiven Open. Versions of Karapace prior to 6.0.0 contained a path traversal vulnerability. This vulnerability stemmed from issues with the backup reader, allowing for arbitrary file access...