3 matches found
CVE-2021-41571
creationtimestamp| type| source ---|---|--- 2025-06-04 12:39:24+00:00| seen| https://gist.github.com/Denovo1998/0b2ab59e46ce23a9fa4c61c5d866675f 2025-06-13 11:52:01+00:00| seen| https://gist.github.com/Denovo1998/163e55b3a612873364a00cf0df5a1b95...
CVE-2021-41571 Pulsar Admin API allows access to data from other tenants using getMessageById API
In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it f...
CVE-2021-41571
In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it f...