11 matches found

Cvelist
added 2026/04/20 1:20 p.m., 29 views

CVE-2026-33558 Apache Kafka, Apache Kafka Clients: Information Exposure Through Network Client Log Output

An information exposure vulnerability has been identified in Apache Kafka. The NetworkClient component outputs the entire contents of requests and responses to the logs at the DEBUG log level. By default, the log level is set to INFO. If the DEBUG level is enabled, the sensitive information wi...

0.00535 EPSS
Exploits: 0, References: 2
vulnersOsv
added 2025/06/10 9:30 a.m., 5 views

com.github.sakserv:hadoop-mini-clusters-kafka (>=0.1.1 <=0.1.3), com.n3twork.druid:druid-kafka-eight (=0.6.105-hadoop2.4.0) +22 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.9.2 (>=0.8.0-beta1 <=0.8.2.2)

org.apache.kafka:kafka_2.9.2 MAVEN version =0.8.0-beta1, =0.1.1, =2.0.0-DP1, =2.0.0-rc.1, =1.4.0, =0.9.1, =1.0.0, =0.1, =1.0, =2.6.3.1, =0.0.1, =2.3.2, =0.8.0, =2.5.0, =2.11.0 and more Source cves: CVE-2025-27819 Source advisory: OSV:GHSA-MCWH-C9PG-XW43...

7.5 CVSS, 6.5 AI score, 0.00871 EPSS
Exploits: 0
vulnersOsv
added 2025/06/10 9:30 a.m., 5 views

ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14), ai.tripl:arc-kafka-pipeline-plugin_2.11 (>=1.0.0 <=1.4.0) +224 more potentially affected by CVE-2025-27819 via org.apache.kafka:kafka_2.11 (>=2.0.0 <=2.4.1)

org.apache.kafka:kafka_2.11 MAVEN version =2.0.0, =0.0.13, =1.0.0, =1.14.0, =2.8.0, =3.0.0-M1 - com.daasyyds.presto:daasyyds-hive-connector-patch =0.276.1-202209.1 and more Source cves: CVE-2025-27819 Source advisory: OSV:GHSA-MCWH-C9PG-XW43...

7.5 CVSS, 6.4 AI score, 0.00871 EPSS
Exploits: 0
vulnersOsv
added 2025/06/10 9:30 a.m., 8 views

cn.herodotus.engine:message-spring-boot-starter (>=2.7.3.4 <=3.0.0-M2), com.airbus-cyber-security.graylog:graylog-plugin-aggregation-count (>=4.0.0 <=4.1.1) +232 more potentially affected by CVE-2025-27818 via org.apache.kafka:kafka_2.13 (>=2.4.0 <=3.9.0)

org.apache.kafka:kafka_2.13 MAVEN version =2.4.0, =2.7.3.4, =4.0.0, =4.0.0, =4.0.0, =4.0.1, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.6.9, =2.10.7.4-SNAPSHOT-35e64fa - com.bisnode.kafka.authorizat...

8.8 CVSS, 6.5 AI score, 0.00881 EPSS
Exploits: 0
Spring Security Advisories
added 2025/02/25 12:00 a.m., 8 views

This Week in Spring - February 25th, 2025

Hi, Spring fans, and welcome to another rip-roarin' installment of This Week in Spring! Later today I'll board a plane for magnificent Montreal, Canada for the amazing Confoo conference! I'm super excited! Good news everybody! Spring Boot 3.5.0-M2 is now available! In last week's installment of t...

7.2 AI score
Exploits: 0
vulnersOsv
added 2024/12/18 3:33 p.m., 6 views

ai.tripl:arc-jupyter_2.11 (>=0.0.13 <=0.0.14), ai.tripl:arc-kafka-pipeline-plugin_2.11 (>=1.0.0 <=1.4.0) +569 more potentially affected by CVE-2024-56128 via org.apache.kafka:kafka_2.11 (>=0.10.2.0 <=2.4.1)

org.apache.kafka:kafka_2.11 MAVEN version =0.10.2.0, =0.0.13, =1.0.0, =1.14.0, =1.0.0, =5.1.0, =1.1.0, =1.0.0, =1.1.0, =1.0.0, =1.0.0, =blink-3.2.0, =blink-3.2.0, =1.1.1, =1.1.4 - com.alibaba.otter:canal.kafka =1.1.0 and more Source cves: CVE-2024-56128 Source advisory: OSV:GHSA-P7C9-8XX8-H74F...

5.3 CVSS, 6.7 AI score, 0.0078 EPSS
Exploits: 0
vulnersOsv
added 2023/08/24 3:31 p.m., 4 views

cn.herodotus.engine:event-message-spring-boot-starter (=3.0.1.0), com.brihaspathee.zeus:account-processor (>=1.0.0 <=1.0.1) +42 more potentially affected by CVE-2023-34040 via org.springframework.kafka:spring-kafka (>=3.0.0 <=3.0.1)

org.springframework.kafka:spring-kafka MAVEN version =3.0.0, =1.0.0, =2.0.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.0, =0.4.2 and more Source cves: CVE-2023-34040 Source advisory: OSV:GHSA-CRQF-Q9FP-HWJW...

7.8 CVSS, 7.1 AI score, 0.02162 EPSS
Exploits: 2
RedHat Linux
added 2022/07/19 1:40 p.m., 5 views

Kafka: Timing Attack Vulnerability for Apache Kafka Connect and Clients

Some components in Apache Kafka use Arrays.equals to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnerability has been...

5.9 CVSS, 7 AI score, 0.05773 EPSS
Exploits: 0, References: 4
vulnersOsv
added 2022/05/13 1:25 a.m., 4 views

ai.databand.azkaban:azkaban-exec-server (=3.18.0), ai.grakn:grakn-dist (>=0.10.0 <=0.15.0) +809 more potentially affected by CVE-2017-12610 via org.apache.kafka:kafka-clients (>=0.10.0.0 <=0.10.2.1)

org.apache.kafka:kafka-clients MAVEN version =0.10.0.0, =0.10.0, =0.10.0, =0.10.0, =0.2, =1.0.0, =1.1.10, =1.2.0 and more Source cves: CVE-2017-12610 Source advisory: OSV:GHSA-XM78-4M3G-7WM7...

6.8 CVSS, 6.8 AI score, 0.02985 EPSS
Exploits: 0
vulnersOsv
added 2021/09/23 11:18 p.m., 6 views

com.madewithtea:mockedstreams_2.12 (=3.9.0), io.github.embeddedkafka:embedded-kafka-connect_2.12 (=2.7.0) +5 more potentially affected by CVE-2021-38153 via org.apache.kafka:kafka_2.12 (>=2.7.0 <=2.7.1)

org.apache.kafka:kafka_2.12 MAVEN version =2.7.0, =0.7.0, =0.7.0, =2.35.5, =2.36.3 Source cves: CVE-2021-38153 Source advisory: OSV:GHSA-3J6G-HXX5-3Q26...

5.9 CVSS, 6.8 AI score, 0.05773 EPSS
Exploits: 0
RedHat Linux
added 2018/12/04 4:00 p.m., 4 views

kafka: Users can perform Broker actions via crafted fetch requests, interfering with data replication and causing data loss

In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform actions reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss...

5.5 CVSS, 5.8 AI score, 0.04801 EPSS
Exploits: 0, References: 5