Maven package
org.apache.pulsar/pulsar-broker-auth-sasl
pkg:maven/org.apache.pulsar/pulsar-broker-auth-sasl
Vulnerabilities (1)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-51437 | — | < 2.11.3 | 2.11.3 | Feb 7, 2024 | Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users shoul |
- CVE-2023-51437Feb 7, 2024affected < 2.11.3fixed 2.11.3
Observable timing discrepancy vulnerability in Apache Pulsar SASL Authentication Provider can allow an attacker to forge a SASL Role Token that will pass signature verification. Users are recommended to upgrade to version 2.11.3, 3.0.2, or 3.1.1 which fixes the issue. Users shoul