Apache Pulsar Vulnerabilities
Apache Apache Pulsar vulnerabilities.
Vulnerability Published:
๐๏ธ Published
- Anytime
Sort By:
๐๏ธ Published Date
- Descending
Sensitive Configuration Exposure in Apache Pulsar's Integration with Apache Kafka
CVE-2025-30677ApacheApache Pulsar Io Kafka...6.3MEDIUMUnauthorized Management Operations on Partitioned Topics and Namespace Properties in Apache Pulsar
CVE-2024-29834ApacheApache Pulsar6.4MEDIUMPulsar Functions Worker Vulnerability: Unauthorized Access and Proxy Attacks
CVE-2024-27894ApacheApache Pulsar8.5HIGHDirectory Traversal Vulnerability in Apache Pulsar Functions Worker Could Allow Attacker to Modify Files Outside of Designated Extraction Directory
CVE-2024-27317ApacheApache Pulsar8.4HIGHArbitrary Java Code Execution Vulnerability in Pulsar Function Worker
CVE-2024-27135ApacheApache Pulsar9.9CRITICALImproper Authentication Vulnerability in Apache Pulsar Proxy Could Lead to Sensitive Information Exposure and Denial of Service
CVE-2022-34321ApacheApache Pulsar8.2HIGHPulsar Vulnerability: Authenticated Users Can Modify Topic-Level Policies
CVE-2024-28098ApacheApache Pulsar5.4MEDIUMTiming Discrepancy Vulnerability Affects Pulsar Users
CVE-2023-51437ApacheApache Pulsar7.4HIGHApache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS
CVE-2023-37544ApacheApache Pulsar Websocke...7.5HIGHApache Pulsar Broker: Incorrect Authorization Validation for Rest Producer
CVE-2023-30428ApacheApache Pulsar Broker8.2HIGHApache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy
CVE-2023-30429ApacheApache Pulsar9.6CRITICALApache Pulsar: Broker does not always disconnect client when authentication data expires
CVE-2023-31007ApacheApache Pulsar6.5MEDIUMApache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials
CVE-2023-37579ApacheApache Pulsar Function...8.2HIGHApache Pulsar C++/Python OAuth Clients prior to 3.0.0 were vulnerable to an MITM attack due to Disabled Certificate Validation
CVE-2022-33684ApacheApache Pulsar8.1HIGHDisabled Certificate Validation makes Broker, Proxy Admin Clients vulnerable to MITM attack
CVE-2022-33683ApacheApache Pulsar5.9MEDIUMDisabled Hostname Verification makes Brokers, Proxies vulnerable to MITM attack
CVE-2022-33682ApacheApache Pulsar5.9MEDIUMImproper Hostname Verification in Java Client and Proxy can expose authentication data via MITM
CVE-2022-33681ApacheApache Pulsar5.9MEDIUMApache Pulsar Proxy target broker address isn't validated
CVE-2022-24280ApacheApache Pulsar6.5MEDIUMPulsar Admin API allows access to data from other tenants using getMessageById API
CVE-2021-41571ApacheApache Pulsar6.5MEDIUMAuthentication with JWT allows use of โnoneโ-algorithm
CVE-2021-22160ApacheApache PulsarEPSS 18%9.8CRITICAL