Apache Pulsar Vulnerabilities
Apache Apache Pulsar vulnerabilities.
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Unauthorized Management Operations on Partitioned Topics and Namespace Properties in Apache Pulsar
CVE-2024-29834ApacheApache Pulsar6.4MEDIUMPulsar Functions Worker Vulnerability: Unauthorized Access and Proxy Attacks
CVE-2024-27894ApacheApache Pulsar8.8HIGHDirectory Traversal Vulnerability in Apache Pulsar Functions Worker Could Allow Attacker to Modify Files Outside of Designated Extraction Directory
CVE-2024-27317ApacheApache Pulsar9.9CRITICALArbitrary Java Code Execution Vulnerability in Pulsar Function Worker
CVE-2024-27135ApacheApache Pulsar9.9CRITICALImproper Authentication Vulnerability in Apache Pulsar Proxy Could Lead to Sensitive Information Exposure and Denial of Service
CVE-2022-34321ApacheApache Pulsar8.2HIGHPulsar Vulnerability: Authenticated Users Can Modify Topic-Level Policies
CVE-2024-28098ApacheApache Pulsar5.4MEDIUMTiming Discrepancy Vulnerability Affects Pulsar Users
CVE-2023-51437ApacheApache Pulsar7.4HIGHApache Pulsar WebSocket Proxy: Improper Authentication for WebSocket Proxy Endpoint Allows DoS
CVE-2023-37544ApacheApache Pulsar WebSocke...7.5HIGHApache Pulsar Function Worker: Incorrect Authorization for Function Worker Can Leak Sink/Source Credentials
CVE-2023-37579ApacheApache Pulsar Function...8.2HIGHApache Pulsar Broker: Incorrect Authorization Validation for Rest Producer
CVE-2023-30428ApacheApache Pulsar Broker8.2HIGHApache Pulsar: Incorrect Authorization for Function Worker when using mTLS Authentication through Pulsar Proxy
CVE-2023-30429ApacheApache Pulsar9.6CRITICALApache Pulsar: Broker does not always disconnect client when authentication data expires
CVE-2023-31007ApacheApache Pulsar6.5MEDIUMApache Pulsar C++/Python OAuth Clients prior to 3.0.0 were vulnerable to an MITM attack due to Disabled Certificate Validation
CVE-2022-33684ApacheApache Pulsar8.1HIGHDisabled Certificate Validation makes Broker, Proxy Admin Clients vulnerable to MITM attack
CVE-2022-33683ApacheApache Pulsar5.9MEDIUMDisabled Hostname Verification makes Brokers, Proxies vulnerable to MITM attack
CVE-2022-33682ApacheApache Pulsar5.9MEDIUMImproper Hostname Verification in Java Client and Proxy can expose authentication data via MITM
CVE-2022-33681ApacheApache Pulsar5.9MEDIUMApache Pulsar Proxy target broker address isn't validated
CVE-2022-24280ApacheApache Pulsar6.5MEDIUMPulsar Admin API allows access to data from other tenants using getMessageById API
CVE-2021-41571ApacheApache Pulsar6.5MEDIUMAuthentication with JWT allows use of βnoneβ-algorithm
CVE-2021-22160ApacheApache Pulsar9.8CRITICAL
2 April 2024
12 March 2024
7 February 2024
20 December 2023
12 July 2023
4 November 2022
23 September 2022
1 February 2022
26 May 2021
No more vulnerabilities to load.