VYPR

apk package

chainguard/strimzi-kafka-operator-kafka-thirdparty-libs

pkg:apk/chainguard/strimzi-kafka-operator-kafka-thirdparty-libs

Vulnerabilities (25)

  • CVE-2024-56128Dec 18, 2024
    affected < 0.46.1-r0fixed 0.46.1-r0

    Incorrect Implementation of Authentication Algorithm in Apache Kafka's SCRAM implementation. Issue Summary: Apache Kafka's implementation of the Salted Challenge Response Authentication Mechanism (SCRAM) did not fully adhere to the requirements of RFC 5802 [1]. Specifically, as

  • CVE-2024-31141Nov 19, 2024
    affected < 0.44.0-r2fixed 0.44.0-r2

    Files or Directories Accessible to External Parties, Improper Privilege Management vulnerability in Apache Kafka Clients. Apache Kafka Clients accept configuration data for customizing behavior, and includes ConfigProvider plugins in order to manipulate these configurations. Apa

  • CVE-2024-47535Nov 12, 2024
    affected < 0fixed 0

    Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. An unsafe reading of environment file could potentially cause a denial of service in Netty. When loaded on an Windows application

  • CVE-2024-8184Oct 14, 2024
    affected < 0.45.0-r1fixed 0.45.0-r1

    There exists a security vulnerability in Jetty's ThreadLimitHandler.getRemote() which can be exploited by unauthorized users to cause remote denial-of-service (DoS) attack. By repeatedly sending crafted requests, attackers can trigger OutofMemory errors and exhaust the server's

  • CVE-2024-47554Oct 3, 2024
    affected < 0.45.0-r2fixed 0.45.0-r2

    Uncontrolled Resource Consumption vulnerability in Apache Commons IO. The org.apache.commons.io.input.XmlStreamReader class may excessively consume CPU resources when processing maliciously crafted input. This issue affects Apache Commons IO: from 2.0 before 2.14.0. Users are

Page 2 of 2