VYPR

Maven package

com.typesafe.akka/akka-stream-kafka_2.12

pkg:maven/com.typesafe.akka/akka-stream-kafka_2.12

Vulnerabilities (1)

  • CVE-2023-29471Apr 27, 2023
    affected < 4.0.2fixed 4.0.2

    Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.