VYPR

Maven package

io.kroxylicious/kroxylicious-runtime

pkg:maven/io.kroxylicious/kroxylicious-runtime

Vulnerabilities (1)

  • CVE-2024-8285Aug 30, 2024
    affected < 0.8.0fixed 0.8.0

    A flaw was found in Kroxylicious. When establishing the connection with the upstream Kafka server using a TLS secured connection, Kroxylicious fails to properly verify the server's hostname, resulting in an insecure connection. For a successful attack to be performed, the attacke