Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
apache kafka 2.1.1 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2018-17196
In Apache Kafka versions between 0.11.0.0 and 2.1.0, it is possible to manually craft a Produce request which bypasses transaction/idempotent ACL validation. Only authenticated clients with Write permission on the respective topics are able to exploit this vulnerability. Users sh...
Apache Kafka
1 Github repository
5
CVSSv2
CVE-2019-12399
When Connect workers in Apache Kafka 2.0.0, 2.0.1, 2.1.0, 2.1.1, 2.2.0, 2.2.1, or 2.3.0 are configured with one or more config providers, and a connector is created/updated on that Connect cluster to use an externalized secret variable in a substring of a connector configuration ...
Apache Kafka 2.0.1
Apache Kafka 2.1.1
Apache Kafka 2.2.0
Apache Kafka 2.2.1
Apache Kafka 2.3.0
Apache Kafka 2.0.0
Apache Kafka 2.1.0
Oracle Financial Services Analytical Applications Infrastructure
Oracle Banking Platform 2.7.0
Oracle Flexcube Universal Banking 14.4.0
Oracle Banking Virtual Account Management 14.1.0
Oracle Banking Virtual Account Management 14.3.0
Oracle Banking Virtual Account Management 14.4.0
Oracle Banking Trade Finance Process Management 14.1.0
Oracle Banking Trade Finance Process Management 14.3.0
Oracle Banking Trade Finance Process Management 14.4.0
Oracle Banking Supply Chain Finance
Oracle Banking Liquidity Management
Oracle Banking Credit Facilities Process Management 14.1.0
Oracle Banking Credit Facilities Process Management 14.3.0
Oracle Banking Credit Facilities Process Management 14.4.0
Oracle Banking Corporate Lending Process Management 14.3.0
4.3
CVSSv2
CVE-2021-38153
Some components in Apache Kafka use `Arrays.equals` to validate a password or key, which is vulnerable to timing attacks that make brute force attacks for such credentials more likely to be successful. Users should upgrade to 2.8.1 or higher, or 3.0.0 or higher where this vulnera...
Apache Kafka
Apache Kafka 2.8.0
Quarkus Quarkus
Oracle Primavera Unifier 18.8
Oracle Primavera Unifier 19.12
Oracle Primavera Unifier 20.12
Oracle Primavera Unifier 21.12
Oracle Financial Services Enterprise Case Management 8.0.8.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.0.7.1
Oracle Financial Services Enterprise Case Management 8.0.8.0
Oracle Financial Services Behavior Detection Platform
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Financial Services Enterprise Case Management 8.0.7.2
Oracle Financial Services Analytical Applications Infrastructure
Oracle Communications Brm - Elastic Charging Engine 12.0.0.5.0
Oracle Communications Brm - Elastic Charging Engine
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started