CVE-2023-29471
5.5MEDIUMLightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.interna
Published: 4/27/2023Updated: 1/31/2025
Description
Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.
AI AnalysisPowered by AI
Affected Products
lightbendalpakka_kafka
References
- https://akka.io/security/alpakka-kafka-cve-2023-29471.htmlVendor Advisory
- https://github.com/akka/alpakka-kafka/issues/1592Issue Tracking
- https://akka.io/security/alpakka-kafka-cve-2023-29471.htmlVendor Advisory
- https://github.com/akka/alpakka-kafka/issues/1592Issue Tracking