com.clever-cloud:biscuit-pulsar (=3.2.1), com.github.shoothzj:test-pulsar (>=3.1.12 <=3.1.15) +12 more potentially affected by CVE-2023-37544 via org.apache.pulsar:pulsar-websocket (>=1.19.0-incubating <=2.10.4)

org.apache.pulsar:pulsar-websocket MAVEN version =1.19.0-incubating, =3.1.12, =0.0.1, =2.0.0-rc1-incubating, =1.19.0-incubating, =1.19.0-incubating, =2.10.0, =2.10.0, =2.0.0-rc1-incubating, =2.10.0, =2.10.0, =1.19.0-incubating, =1.0.0, =1.1.0 Source cves: CVE-2023-37544 Source advisory:...

The vulnerabilities of the Pulsar C++ Client and Pulsar Python Client components of the cloud platform for distributed messaging and Apache Pulsar’s streaming communication allow attackers to execute “man-in-the-middle” attacks.

The vulnerability of the Pulsar C++ Client and Pulsar Python Client components of the cloud platform for distributed messaging and Apache Pulsar streaming communication is related to errors in the certificate validation process during TLS authentication. Exploiting this vulnerability could allow ...

c8-source-c8collection (>=0.0.2 <=0.0.10), macrometa-source-collection (>=0.0.11 <=1.0.6a2) potentially affected by CVE-2022-33684 via pulsar-client (=2.10.1)

pulsar-client PYPI version =2.10.1 is affected by a known vulnerability. The following packages have a transitive dependency on pulsar-client and may be impacted: - c8-source-c8collection =0.0.2, =0.0.11, =1.0.6a2 Source cves: CVE-2022-33684 Source advisory: OSV:GHSA-5R3H-C3R7-9W4H...

PT-2022-5873 · Apache · Apache Pulsar C++ Client +1

Name of the Vulnerable Software and Affected Versions: Apache Pulsar C++ Client versions 2.7.0 through 2.7.4 Apache Pulsar C++ Client versions 2.8.0 through 2.8.3 Apache Pulsar C++ Client versions 2.9.0 through 2.9.2 Apache Pulsar C++ Client versions 2.10.0 through 2.10.1 Apache Pulsar C++ Client...

com.alibaba.otter:canal.client (>=1.1.6 <=1.1.7), com.alibaba.otter:canal.example (=1.1.7) +86 more potentially affected by CVE-2022-33681 via org.apache.pulsar:pulsar-client (>=2.8.0 <=2.8.3)

org.apache.pulsar:pulsar-client MAVEN version =2.8.0, =1.1.6, =1.1.6, =2.2.2, =1.1.0, =1.1.0, =0.0.1, =0.0.1, =0.0.1, =0.0.3, =0.2.0 - com.seelyn:tdmq-spring-boot-starter =1.1.3 - com.seelyn:tdmq-spring-boot-starter-demo =1.1.3 and more Source cves: CVE-2022-33681 Source advisory:...

club.callmee:spring-boot-pulsar-starter-client (>=2.10.0-11-1 <=2.10.0-11-3), cn.starlight-software:sherly-pulsar (=2.0.6) +284 more potentially affected by CVE-2022-33681 via org.apache.pulsar:pulsar-client (>=1.19.0-incubating <=2.7.4)

org.apache.pulsar:pulsar-client MAVEN version =1.19.0-incubating, =2.10.0-11-1, =0.0.2, =0.0.1, =0.0.1, =2.8.2, =2.8.2, =2.8.2, =v2.8.2 - com.clever-cloud.pulsar4s:pulsar4s-avro3 =2.9.0 and more Source cves: CVE-2022-33681 Source advisory: OSV:GHSA-C5FP-X2H5-VJV7...

club.callmee:spring-boot-pulsar-starter-client (>=2.10.0-11-1 <=2.10.0-11-3), com.datastax.astra:astra-sdk (>=0.3.1 <=0.3.3) +34 more potentially affected by CVE-2022-33681 via org.apache.pulsar:pulsar-client (=2.10.0)

org.apache.pulsar:pulsar-client MAVEN version =2.10.0 is affected by a known vulnerability. The following packages have a transitive dependency on org.apache.pulsar:pulsar-client and may be impacted: - club.callmee:spring-boot-pulsar-starter-client =2.10.0-11-1, =0.3.1, =0.3.1, =0.3.1, =1.0.5,...

com.clever-cloud.pulsar4s:pulsar4s-akka-streams_2.12 (>=2.8.0 <=2.8.1), com.clever-cloud.pulsar4s:pulsar4s-akka-streams_2.13 (>=2.8.0 <=2.8.1) +112 more potentially affected by CVE-2022-33681 via org.apache.pulsar:pulsar-client (>=2.9.0 <=2.9.2)

org.apache.pulsar:pulsar-client MAVEN version =2.9.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.0, =2.8.1 and more Source cves: CVE-2022-33681 Source advisory: OSV:GHSA-C5FP-X2H5-VJV7...