VYPR

rpm package

opensuse/kafka-source&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/kafka-source&distro=openSUSE%20Tumbleweed

Vulnerabilities (2)

  • CVE-2018-1288MedJul 26, 2018
    affected < 2.1.0-3.6fixed 2.1.0-3.6

    In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss.

  • CVE-2018-7489CriFeb 26, 2018
    affected < 2.1.0-3.6fixed 2.1.0-3.6

    FasterXML jackson-databind before 2.7.9.3, 2.8.x before 2.8.11.1 and 2.9.x before 2.9.5 allows unauthenticated remote code execution because of an incomplete fix for the CVE-2017-7525 deserialization flaw. This is exploitable by sending maliciously crafted JSON input to the readV