BIT-JAEGER-2020-10750

Sensitive information written to a log file vulnerability was found in jaegertracing/jaeger before version 1.18.1 when the Kafka data store is used. This flaw allows an attacker with access to the container's log file to discover the Kafka credentials...

CVE-2023-36648

Missing authentication in the internal data streaming system in ProLion CryptoSpike 3.0.15P2 allows remote unauthenticated users to read potentially sensitive information and deny service to users by directly reading and writing data in Apache Kafka as consumer and producer...

Exploit for Deserialization of Untrusted Data in Apache Kafka_Connect

SecVulList-Veraxy00 Let’s share some vulnerabilities I’ve id...

PT-2020-12312 · Jaegertracing · Jaeger

Name of the Vulnerable Software and Affected Versions: jaegertracing/jaeger versions prior to 1.18.1 Description: A sensitive information exposure issue was discovered when the Kafka data store is used, allowing an attacker with access to the container's log file to obtain the Kafka credentials...

SUSE-SU-2018:2536-1 Security update for grafana, kafka, logstash and monasca-installer

This update for grafana, kafka, logstash and monasca-installer fixes the following issues: The following security issues have been fixed: grafana: - CVE-2018-12099: Fix Cross-Site-Scripting XSS vulnerabilities in dashboard links. bsc1096985 kafka: - CVE-2018-1288: Authenticated Kafka users may...