16 matches found
CVE-2024-56128
CVE-2024-56128 affects Apache Kafka SCRAM authentication. Root cause: SCRAM server nonce verification against the server’s first message was not performed per RFC 5802, enabling plaintext-snooping scenarios if SCRAM is used over non-TLS. Impact: exploitation requires access to plaintext SCRAM exc...
CVE-2020-27218
CVE-2020-27218 affects Eclipse Jetty 9.4.x (9.4.0.RC0–9.4.34.v20201102), 10.x (10.0.0.alpha0–beta2), and 11.x (11.0.0.alpha0–beta2). When GZIP request body inflation is enabled and requests from different clients are multiplexed on one connection, an attacker who can send a body that is received ...
CVE-2024-31141
CVE-2024-31141 affects Apache Kafka Clients (2.3.0–3.7.0, including 3.5.2 and 3.6.2) with ConfigProvider plugins that read from disk or environment variables via FileConfigProvider/DirectoryConfigProvider/EnvVarConfigProvider. The root cause is improper privilege management that allows untrusted ...
CVE-2021-38153
CVE-2021-38153: Apache Kafka components validate passwords/keys with Arrays.equals, enabling timing attacks that can aid brute-force attempts. Affected releases include Kafka 2.0.0–2.8.0. The issue is fixed in 2.8.1+ and in 3.0.0+. Remediation: upgrade to 2.8.1+ or 3.0.0+ where the vulnerability...
CVE-2025-27817
CVE-2025-27817: An arbitrary file read and SSRF flaw in the Apache Kafka Client (affecting Kafka Connect and related clients) allows untrusted configuration of SASL/OAUTHBEARER endpoint URLs to read local files or reach unintended URLs. Root cause: endpoints sasl.oauthbearer.token.endpoint.url a...
CVE-2024-27309
CVE-2024-27309 describes a migration-time vulnerability in Apache Kafka when moving from ZooKeeper mode to KRaft mode. Two preconditions trigger the issue: (1) an ACL is removed, and (2) the resource still has two or more other ACLs after the removal. In that scenario Kafka may treat the resource...
CVE-2022-34917
Apache Kafka (CVE-2022-34917) is vulnerable to denial of service due to a memory allocation issue on brokers triggered by malicious unauthenticated clients. Affected releases start from 2.8.0 onward, with scenarios including clusters without authentication, with SASL, or with TLS (TLS requires su...
CVE-2018-17196
CVE-2018-17196 (Apache Kafka): A vulnerability in Kafka versions 0.11.0.0–2.1.0 allows a remote authenticated attacker to bypass transaction/idempotent ACL validation by crafting a Produce request. The issue stems from improper input validation, requiring authenticated clients with Write permiss...
CVE-2026-41115
Summary: CVE-2026-41115 describes an improper authorization issue in Apache Kafka related to the CONSUMER_GROUP_DESCRIBE API. The vulnerability discussion notes a discrepancy between ACLs and documented permissions, but states that the correct permission for the API is DESCRIBE GROUP and that the...
CVE-2025-27818
Summary of CVE-2025-27818 (Apache Kafka): The issue involves an authenticated operator who, via alterConfig on a cluster resource (or Kafka Connect worker) and by modifying connector configs through the REST API, can set sasl.jaas.config on Kafka clients to an LDAP/JndiLoginModule path (e.g., com...
CVE-2019-12399
CVE-2019-12399 affects Apache Kafka Connect: when Connect workers are configured with config providers and a connector uses an externalized secret variable within a substring of a configuration value, an attacker can request a cluster’s task configuration and receive the plaintext secret instead ...
CVE-2025-27819
CVE-2025-27819 describes a Kafka vulnerability enabling RCE/Denial of Service via SASL JAAS JndiLoginModule configuration, affecting Kafka Connect API and Apache Kafka brokers. Exploitation requires network access to the cluster and the AlterConfigs permission on the cluster resource. The root ca...
CVE-2018-1288
CVE-2018-1288 affects Apache Kafka across multiple 0.9.x–1.0.0 release lines; authenticated users can issue a fetch request that performs a broker-reserved action, potentially causing data loss during replication. The public documentation records the issue and confirms fixes in later Kafka bui...
CVE-2017-12610
CVE-2017-12610 affects Apache Kafka versions 0.10.0.0–0.10.2.1 and 0.11.0.0–0.11.0.1. The issue allows an authenticated Kafka client to impersonate other users by sending a manually crafted protocol message when SASL/PLAIN or SASL/SCRAM is used against the built-in servers. The vulnerability can ...
CVE-2026-33558
CVE-2026-33558 affects Apache Kafka: the NetworkClient logs sensitive information at DEBUG level, exposing full requests/responses for certain APIs (AlterConfigsRequest, AlterUserScramCredentialsRequest, ExpireDelegationTokenRequest, IncrementalAlterConfigsRequest, RenewDelegationTokenRequest, Sa...
CVE-2026-33557
CVE-2026-33557 affects Apache Kafka where the broker’s default oauthbearer JWT validator (DefaultJwtValidator) accepts any JWT without validating signature, issuer, or audience. An attacker can generate a token from any issuer with a chosen preferred_username, and the broker will accept it. Techn...