VYPR

Maven package

org.apache.kafka/kafka-metadata

pkg:maven/org.apache.kafka/kafka-metadata

Vulnerabilities (1)

  • CVE-2024-27309Apr 12, 2024
    affected >= 3.5.0, < 3.6.2fixed 3.6.2

    While an Apache Kafka cluster is being migrated from ZooKeeper mode to KRaft mode, in some cases ACLs will not be correctly enforced. Two preconditions are needed to trigger the bug: 1. The administrator decides to remove an ACL 2. The resource associated with the removed ACL co