rpm package
suse/kafka&distro=SUSE OpenStack Cloud 7
pkg:rpm/suse/kafka&distro=SUSE%20OpenStack%20Cloud%207
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-1288 | Med | 5.4 | | < 0.10.2.2-5.1 | 0.10.2.2-5.1 | Jul 26, 2018 | In Apache Kafka 0.9.0.0 to 0.9.0.1, 0.10.0.0 to 0.10.2.1, 0.11.0.0 to 0.11.0.2, and 1.0.0, authenticated Kafka users may perform action reserved for the Broker via a manually created fetch request interfering with data replication, resulting in data loss. |
| CVE-2018-12099 | Med | 6.1 | | < 0.10.2.2-5.1 | 0.10.2.2-5.1 | Jun 11, 2018 | Grafana before 5.2.0-beta1 has XSS vulnerabilities in dashboard links. |
| CVE-2018-3817 | Med | 6.5 | | < 0.10.2.2-5.1 | 0.10.2.2-5.1 | Mar 30, 2018 | When logging warnings regarding deprecated settings, Logstash before 5.6.6 and 6.x before 6.1.2 could inadvertently log sensitive information. |