How severe is CVE-2023-29471?

CVE-2023-29471 has a CVSS v3 score of 5.5 (MEDIUM).

CVE-2023-29471

Name: alpakka_kafka
Author: lightbend

5.5MEDIUM

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.interna

Опубликовано: 4/27/2023Обновлено: 1/31/2025

Описание

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.

ИИ-АнализНа базе ИИ

Затронутые продукты

lightbendalpakka_kafka

Ссылки

https://akka.io/security/alpakka-kafka-cve-2023-29471.html
Vendor Advisory
https://github.com/akka/alpakka-kafka/issues/1592
Issue Tracking
https://akka.io/security/alpakka-kafka-cve-2023-29471.html
Vendor Advisory
https://github.com/akka/alpakka-kafka/issues/1592
Issue Tracking