apache kafka 2.8.0 vulnerabilities and exploits

(subscribe to this query)

A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the at...

Red Hat Streams For Apache Kafka 2.8.0 Red Hat Streams For Apache Kafka Redhat Kroxylicious -

A security vulnerability has been identified in Apache Kafka. It affects all releases since 2.8.0. The vulnerability allows malicious unauthenticated clients to allocate large amounts of memory on brokers. This can lead to brokers hitting OutOfMemoryException and causing denial o...

Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnera...

Apache Kafka Apache Kafka 2.8.0 Quarkus Quarkus Oracle Communications Brm - Elastic Charging Engine Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0 Oracle Communications Cloud Native Core Policy 1.15.0 Oracle Financial Services Analytical Applications Infrastructure Oracle Financial Services Behavior Detection Platform Oracle Financial Services Behavior Detection Platform 8.1.1.0 Oracle Financial Services Behavior Detection Platform 8.1.1.1 Oracle Financial Services Behavior Detection Platform 8.1.2.0 Oracle Financial Services Enterprise Case Management 8.0.7.1

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook