Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache kafka connect vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2023-25194
A possible security vulnerability has been identified in Apache Kafka Connect API. This requires access to a Kafka Connect worker, and the ability to create/modify connectors on it with an arbitrary Kafka client SASL JAAS config and a SASL-based security protocol, which has been ...
Apache Kafka Connect
1 Metasploit module
6 Github repositories
5.9
CVSSv3
CVE-2021-38153
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnera...
Apache Kafka
Apache Kafka 2.8.0
Quarkus Quarkus
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Financial Services Enterprise Case Management 8.0.8.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.0.7.1
Oracle Financial Services Enterprise Case Management 8.0.8.0
Oracle Financial Services Behavior Detection Platform
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Financial Services Enterprise Case Management 8.0.7.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine
7.5
CVSSv3
CVE-2019-12399
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration ...
Apache Kafka 2.0.1
Apache Kafka 2.1.1
Apache Kafka 2.2.0
Apache Kafka 2.2.1
Apache Kafka 2.3.0
Apache Kafka 2.0.0
Apache Kafka 2.1.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Banking Platform 2.7.0
Oracle Flexcube Universal Banking 14.4.0
Oracle Banking Virtual Account Management 14.1.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Banking Virtual Account Management 14.4.0
Oracle Banking Trade Finance Process Management 14.1.0
Oracle Banking Trade Finance Process Management 14.3.0
Oracle Banking Trade Finance Process Management 14.4.0
Oracle Banking Supply Chain Finance
Oracle Banking Liquidity Management
Oracle Banking Credit Facilities Process Management 14.1.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.4.0
Oracle Banking Corporate Lending Process Management 14.3.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started