Lightbend Alpakka Kafka prior to 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lightbend alpakka kafka |