Lucene search
Pulsar Security Vulnerabilities - February 2022
cve
In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it for...
6.5CVSS
6.1AI Score
0.002EPSS
2022-02-01 01:15 PM
58