Lucene search
K

4 matches found

vulnersOsv
vulnersOsv
added 2022/09/25 12:0 a.m.10 views

com.clever-cloud:biscuit-pulsar (>=2.3.2 <=3.2.0), com.github.shoothzj:test-pulsar (>=3.1.7 <=3.1.11) +4 more potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-broker (>=2.9.0 <=2.9.2)

org.apache.pulsar:pulsar-broker MAVEN version =2.9.0, =2.3.2, =3.1.7, =2.9.0, =2.9.0, =2.9.0, =2.9.0, =2.9.2 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...

5.9CVSS6.2AI score0.00568EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/25 12:0 a.m.6 views

org.apache.pulsar:pulsar-server-distribution (>=2.8.0 <=2.8.3) potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-proxy (>=2.8.0 <=2.8.3)

org.apache.pulsar:pulsar-proxy MAVEN version =2.8.0, =2.8.0, =2.8.3 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...

5.9CVSS6.2AI score0.00568EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2022/09/25 12:0 a.m.4 views

org.apache.pulsar:distribution (>=2.0.0-rc1-incubating <=2.0.1-incubating), org.apache.pulsar:pulsar-docker-image (>=2.0.0-rc1-incubating <=2.7.4) +1 more potentially affected by CVE-2022-33683 via org.apache.pulsar:pulsar-proxy (>=2.0.0-rc1-incubating <=2.7.4)

org.apache.pulsar:pulsar-proxy MAVEN version =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.0.0-rc1-incubating, =2.1.0-incubating, =2.11.4 Source cves: CVE-2022-33683 Source advisory: OSV:GHSA-J3QW-G67Q-7M64...

5.9CVSS6.2AI score0.00568EPSS
Exploits0
CVE
CVE
added 2022/09/23 9:25 a.m.75 views

CVE-2022-33683

Apache Pulsar Brokers and Proxies expose an internal Pulsar Admin Client that does not verify peer TLS certificates, even with tlsAllowInsecureConnection disabled. This enables MITM scenarios on intra-cluster and geo-replication HTTPS connections, potentially leaking authentication data, configur...

5.9CVSS5.6AI score0.00568EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder