Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
ApachePulsar2.7.0

3 matches found

CVE
CVEadded 2022/02/01 1:15 p.m.76 views

CVE-2021-41571

In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The Admin API get-message-by-id requires the user to input a topic and a ledger id. The ledger id is a pointer to the data, and it is supposed to be a valid it for...

6.5CVSS6.2AI score0.00979EPSS
CVE
CVEadded 2022/09/23 10:15 a.m.75 views

CVE-2022-24280

Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that originate from the Pulsar Proxy's IP address. When the Apache Pulsar Proxy component is used, it is possible to attempt to open TCP/IP connections to any IP address...

6.5CVSS6.4AI score0.00026EPSS
CVE
CVEadded 2022/11/04 12:15 p.m.71 views

CVE-2022-33684

The Apache Pulsar C++ Client does not verify peer TLS certificates when making HTTPS calls for the OAuth2.0 Client Credential Flow, even when tlsAllowInsecureConnection is disabled via configuration. This vulnerability allows an attacker to perform a man in the middle attack and intercept and/or mo...

8.1CVSS8AI score0.00166EPSS