Lucene search
+L

28 matches found

ibm
ibm
added 2023/09/05 10:44 a.m.31 views

Security Bulletin: Due to use of Kafka, IBM Cloud Pak for Multicloud Management Monitoring could allow a remote attacker to obtain sensitive information.

Summary Kafka is used by multiple components of IBM Cloud Pak for Multicloud Management Monitoring as part of ability to handle large volumes of data in real-time data processing and integration. Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to...

5.9CVSS6.3AI score0.06252EPSS
Exploits0Affected Software1
ibm
ibm
added 2023/02/24 6:34 a.m.45 views

Security Bulletin: Vulnerabilities found within Apache Storm that is used by IBM Tivoli Network Manager (ITNM) IP Edition

Summary Vulnerabilities found within Apache Storm CVE-2020-25649, CVE-2020-36518, CVE-2021-22569, CVE-2021-38153 that is used by IBM Tivoli Network Manager ITNM IP Edition Vulnerability Details CVEID:CVE-2020-25649 DESCRIPTION: FasterXML Jackson Databind could provide weaker than expected securit...

7.5CVSS7.2AI score0.17611EPSS
Exploits2Affected Software1
ibm
ibm
added 2022/11/14 4:37 a.m.40 views

Security Bulletin: Vulnerability from Apache Kafka affect IBM Operations Analytics - Log Analysis (CVE-2021-38153)

Summary Apache Kafka is vulnerable to timing attacks that could allow remote attacker to obtain sensitive information Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use o...

5.9CVSS6.4AI score0.06252EPSS
Exploits0Affected Software1
ibm
ibm
added 2022/11/08 4:36 p.m.80 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has fixed these vulnerabilities. Vulnerability Details CVEID:CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to the use of "Arrays.equals" to validate a password or key. By...

7.4CVSS7.5AI score0.50445EPSS
Exploits0Affected Software1
ibm
ibm
added 2022/06/16 6:6 p.m.38 views

Security Bulletin: Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure (CVE-2021-38153, CVE-2018-17196)

Summary Apache Kafka as used by IBM QRadar SIEM is vulnerable to information disclosure. IBM has addressed the relevant CVEs. Vulnerability Details CVEID: CVE-2021-38153 DESCRIPTION: Apache Kafka could allow a remote attacker to obtain sensitive information, caused by a timing attack flaw due to...

8.8CVSS1.9AI score0.06252EPSS
Exploits0Affected Software1
redhat
redhat
added 2022/05/12 11:58 a.m.130 views

Moderate: Red Hat Security Advisory: Red Hat Data Grid 8.3.1 security update

An update for Red Hat Data Grid is now available. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE links in the...

7.5CVSS6.8AI score0.06252EPSS
Exploits1References6
redhat
redhat
added 2022/03/31 11:14 a.m.39 views

Moderate: Red Hat Security Advisory: Red Hat build of Eclipse Vert.x 4.2.5 security update

An update is now available for Red Hat build of Eclipse Vert.x. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more...

5.9CVSS6.8AI score0.06252EPSS
Exploits0References4
redhat
redhat
added 2022/02/21 6:22 p.m.66 views

Moderate: Red Hat Security Advisory: Red Hat build of Quarkus 2.2.5 release and security update

An update is now available for Red Hat build of Quarkus. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability. For more information...

10CVSS6.9AI score0.07318EPSS
Exploits3References12
redhat
redhat
added 2022/02/09 4:18 p.m.48 views

Moderate: Red Hat Security Advisory: Red Hat Integration - Service Registry release and security update [2.0.3.GA]

An update to the images for Red Hat Integration Service Registry is now available from the Red Hat Container Catalog. The purpose of this text-only errata is to inform you about the security issues fixed in this release. Red Hat Product Security has rated this update as having a security impact o...

7.5CVSS6.7AI score0.1121EPSS
Exploits0References3
redhat
redhat
added 2022/01/20 6:19 p.m.77 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 1.6.6 release and security update

Red Hat AMQ Streams 1.6.6 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

5.9CVSS7AI score0.99999EPSS
Exploits20References4
redhat
redhat
added 2022/01/13 3:25 p.m.148 views

Moderate: Red Hat Security Advisory: Red Hat AMQ Streams 2.0.0 release and security update

Red Hat AMQ Streams 2.0.0 is now available from the Red Hat Customer Portal. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

9CVSS7.8AI score0.99977EPSS
Exploits48References7
ibm
ibm
added 2021/12/11 12:21 a.m.41 views

Security Bulletin: Multiple vulnerabilities have been identified in open source software shipped with IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library

Summary Netty and Apache Kafka are dependency components shipped with the IBM Tivoli Netcool/OMNIbus Transport Module Common Integration Library for Message Bus Integrations. Information about the security vulnerability affecting Netty CVE-2021-37137, CVE-2021-37136 and Apache Kafka CVE-2021-3815...

7.5CVSS7.1AI score0.0628EPSS
Exploits0Affected Software1
nessus
nessus
added 2021/11/12 12:0 a.m.42 views

Photon OS 3.0: Kafka PHSA-2021-3.0-0324

An update of the kafka package has been released. C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2021-3.0-0324. The text itself is copyright C VMware, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...

5.9CVSS7.4AI score0.06252EPSS
Exploits0References2
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.7 views

com.bisnode.kafka.authorization:opa-authorizer (>=1.1.0 <=1.2.0), com.consol.citrus:citrus-kafka (>=3.0.0 <=3.1.1) +27 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.13 (=2.8.0)

org.apache.kafka:kafka2.13 MAVEN version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kafka:kafka2.13 and may be impacted: - com.bisnode.kafka.authorization:opa-authorizer =1.1.0, =3.0.0, =1.0.0, =1.0.0, =1.0.5, =1.0.6 -...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.5 views

com.comcast.money:money-kafka_2.13 (>=0.9.1 <=0.15.1), com.consol.citrus:citrus-kafka (>=3.0.0-M2 <=3.0.0-M3) +57 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=2.6.2)

org.apache.kafka:kafka2.13 MAVEN version =2.4.0, =0.9.1, =3.0.0-M2, =1.7, =2.1.0, =3.5.1, =2.4.0, =2.5.1.2 - com.revivebird.finagle:finatra-kafka-streams-prerestore2.13 =25.11.0 and more Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.6 views

ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14), ai.tripl:arc-kafka-pipeline-plugin_2.11 (>=1.0.0 <=1.4.0) +224 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.11 (>=2.0.0 <=2.4.1)

org.apache.kafka:kafka2.11 MAVEN version =2.0.0, =0.0.13, =1.0.0, =1.14.0, =2.8.0, =3.0.0-M1 - com.daasyyds.presto:daasyyds-hive-connector-patch =0.276.1-202209.1 and more Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.7 views

cc.vihackerframework:vihacker-kafka-starter (>=1.0.4.R <=1.0.6.R), cn.geektool:geektool-kafka (>=0.0.1 <=0.0.9) +1058 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka-clients (>=2.7.0 <=2.7.1)

org.apache.kafka:kafka-clients MAVEN version =2.7.0, =1.0.4.R, =0.0.1, =0.0.9-jdk8, =0.0.4, =4.0.0, =4.1.1 and more Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.5 views

ai.chronon:flink_2.12 (>=0.0.62 <=def544ccef5f753238ecc4adfc2eaa7d2fc36d53-0.0.91), ai.chronon:online_2.11 (>=0.0.25 <=revert-391-thread-0.0.24) +2962 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka-clients (>=2.0.0 <=2.6.2)

org.apache.kafka:kafka-clients MAVEN version =2.0.0, =0.0.62, =0.0.25, =0.0.25, =0.0.86, =0.0.1, =0.0.1, =thread-pool-0.0.24-dev, =0.0.6, =0.0.2, =1.0.0, =0.0.13, =1.0.0, =1.0.0, =1.14.0, =1.15.0 and more Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.5 views

com.salesforce.kafka.test:kafka-junit (=3.2.3), com.salesforce.kafka.test:kafka-junit-core (=3.2.3) +12 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.12 (=2.8.0)

org.apache.kafka:kafka2.12 MAVEN version =2.8.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.kafka:kafka2.12 and may be impacted: - com.salesforce.kafka.test:kafka-junit =3.2.3 - com.salesforce.kafka.test:kafka-junit-core =3.2.3 -...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
vulnersosv
vulnersosv
added 2021/09/23 11:18 p.m.6 views

com.madewithtea:mockedstreams_2.12 (=3.9.0), io.github.embeddedkafka:embedded-kafka-connect_2.12 (=2.7.0) +5 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.12 (>=2.7.0 <=2.7.1)

org.apache.kafka:kafka2.12 MAVEN version =2.7.0, =0.7.0, =0.7.0, =2.35.5, =2.36.3 Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9CVSS6.8AI score0.06252EPSS
Exploits0
Rows per page
Query Builder