CVE-2023-29471
5.5MEDIUMLightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.interna
Veröffentlicht: 4/27/2023Aktualisiert: 1/31/2025
Beschreibung
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.
KI-AnalyseKI-gestützt
Betroffene Produkte
lightbendalpakka_kafka
Referenzen
- https://akka.io/security/alpakka-kafka-cve-2023-29471.htmlVendor Advisory
- https://github.com/akka/alpakka-kafka/issues/1592Issue Tracking
- https://akka.io/security/alpakka-kafka-cve-2023-29471.htmlVendor Advisory
- https://github.com/akka/alpakka-kafka/issues/1592Issue Tracking