Lucene search
K

5 matches found

vulnersOsv
vulnersOsv
added 2024/03/12 9:30 p.m.5 views

org.apache.pulsar:pulsar-broker (=3.2.0), org.apache.pulsar:pulsar-broker-auth-athenz (=3.2.0) +3 more potentially affected by CVE-2024-27894 via org.apache.pulsar:pulsar-functions-worker (=3.2.0)

org.apache.pulsar:pulsar-functions-worker MAVEN version =3.2.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-functions-worker and may be impacted: - org.apache.pulsar:pulsar-broker =3.2.0 -...

8.8CVSS7.2AI score0.01895EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/12 9:30 p.m.6 views

io.github.embedded-middleware:embedded-pulsar-core (>=0.0.4 <=0.0.5), org.apache.pulsar:pulsar-broker (>=2.11.0 <=2.11.3) +4 more potentially affected by CVE-2024-27894 via org.apache.pulsar:pulsar-functions-worker (>=2.11.0 <=2.11.3)

org.apache.pulsar:pulsar-functions-worker MAVEN version =2.11.0, =0.0.4, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.0, =2.11.3 Source cves: CVE-2024-27894 Source advisory: OSV:GHSA-C2X9-VW5H-39VC...

8.8CVSS7.2AI score0.01895EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/12 9:30 p.m.5 views

com.datastax.oss:pulsar-jms-filters (>=4.0.0 <=4.0.1), io.github.yangl:pulsar-msg-filter-plugin (=3.0) +6 more potentially affected by CVE-2024-27894 via org.apache.pulsar:pulsar-functions-worker (>=3.0.0 <=3.0.2)

org.apache.pulsar:pulsar-functions-worker MAVEN version =3.0.0, =4.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.0, =3.0.17 Source cves: CVE-2024-27894 Source advisory: OSV:GHSA-C2X9-VW5H-39VC...

8.8CVSS7.2AI score0.01895EPSS
Exploits0
vulnersOsv
vulnersOsv
added 2024/03/12 9:30 p.m.3 views

org.apache.pulsar:pulsar-broker (>=3.1.0 <=3.1.2), org.apache.pulsar:pulsar-broker-auth-athenz (>=3.1.0 <=3.1.2) +3 more potentially affected by CVE-2024-27894 via org.apache.pulsar:pulsar-functions-worker (>=3.1.0 <=3.1.2)

org.apache.pulsar:pulsar-functions-worker MAVEN version =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.0, =3.1.2 Source cves: CVE-2024-27894 Source advisory: OSV:GHSA-C2X9-VW5H-39VC...

8.8CVSS7.2AI score0.01895EPSS
Exploits0
Cvelist
Cvelist
added 2024/03/12 6:19 p.m.18 views

CVE-2024-27894 Apache Pulsar: Pulsar Functions Worker Allows Unauthorized File Access and Unauthorized HTTP/HTTPS Proxying

The Pulsar Functions Worker includes a capability that permits authenticated users to create functions where the function's implementation is referenced by a URL. The supported URL schemes include "file", "http", and "https". When a function is created using this method, the Functions Worker will...

8.5CVSS8.6AI score0.01895EPSS
Exploits0References3
Rows per page
Query Builder