How severe is CVE-2023-29471?

CVE-2023-29471 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2023-29471

Name: alpakka_kafka
Author: lightbend

5.5MEDIUM

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.interna

Publicado: 4/27/2023Atualizado: 1/31/2025

Descrição

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.

Análise IADesenvolvido por IA

Produtos Afetados

lightbendalpakka_kafka

Referências

https://akka.io/security/alpakka-kafka-cve-2023-29471.html
Vendor Advisory
https://github.com/akka/alpakka-kafka/issues/1592
Issue Tracking
https://akka.io/security/alpakka-kafka-cve-2023-29471.html
Vendor Advisory
https://github.com/akka/alpakka-kafka/issues/1592
Issue Tracking