The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of Kafka

Apache Kafka Connect: information disclosure via Tasks Endpoint Plaintext Secrets
An attacker can bypass access restrictions to data via Tasks Endpoint Plaintext Secrets of Apache Kafka Connect, in order to obtain sensitive information...
CVE-2019-12399, VIGILANCE-VUL-31314
FasterXML jackson-databind: code execution via com.zaxxer.hikari.HikariDataSource Deserialization
An attacker can use a vulnerability via com.zaxxer.hikari.HikariDataSource Deserialization of jackson-databind, in order to run code...
cpuoct2020, CVE-2019-16335, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, NTAP-20191004-0002, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, RHSA-2020:0445-01, RHSA-2020:1644-01, VIGILANCE-VUL-30500
FasterXML jackson-databind: code execution via com.zaxxer.hikari.HikariConfig Deserialization
An attacker can use a vulnerability via com.zaxxer.hikari.HikariConfig Deserialization of jackson-databind, in order to run code...
cpuoct2020, CVE-2019-14540, DLA-1943-1, DSA-4542-1, FEDORA-2019-b171554877, NTAP-20191004-0002, RHSA-2020:0159-01, RHSA-2020:0160-01, RHSA-2020:0161-01, RHSA-2020:0164-01, RHSA-2020:0445-01, RHSA-2020:1644-01, VIGILANCE-VUL-30499
Apache Kafka: privilege escalation via Produce Request
An attacker can bypass restrictions via Produce Request of Apache Kafka, in order to escalate his privileges...
CVE-2018-17196, VIGILANCE-VUL-29749
Eclipse Jetty: Cross Site Scripting
An attacker can trigger a Cross Site Scripting of Eclipse Jetty, in order to run JavaScript code in the context of the web site...
6344071, 6344075, cpuapr2020, cpuapr2021, cpujan2020, cpujan2021, cpujul2020, CVE-2019-10241, CVE-2019-10246, CVE-2019-10247, DLA-2661-1, NTAP-20190509-0003, VIGILANCE-VUL-29106
Apache Kafka: denial of service via Metadata Spamming Requests
An attacker can trigger a fatal error via Metadata Spamming Requests of Apache Kafka, in order to trigger a denial of service...
VIGILANCE-VUL-28571
Apache Kafka: denial of service via Data Replication
An attacker can generate a fatal error via Data Replication of Apache Kafka, in order to trigger a denial of service...
CVE-2018-1288, VIGILANCE-VUL-26851
Apache Kafka: privilege escalation via SASL
An attacker can bypass restrictions via SASL of Apache Kafka, in order to escalate his privileges...
CVE-2017-12610, VIGILANCE-VUL-26850
Apache Kafka: memory leak
An attacker can create a memory leak of Apache Kafka, in order to trigger a denial of service...
VIGILANCE-VUL-25451
Apache Kafka: code execution via FileOffsetBackingStore
An attacker can use a vulnerability via FileOffsetBackingStore of Apache Kafka, in order to run code...
VIGILANCE-VUL-23293
Our database contains other pages. You can request a free trial to read them.

Display information about Kafka: