pkg:maven/org.apache.pulsar/pulsar

Type maven

Namespace org.apache.pulsar

Name pulsar

Known advisories, vulnerabilities and fixes for org.apache.pulsar/pulsar package.

Repository: https://mvnrepository.com/artifact/org.apache.pulsar/pulsar

Critical 2

Moderate 2

Type	Version	Distribution	# CVEs	# Advisory ID	Title	Severity	Published
Affected	< 2.7.2		CVE-2021-22160	MAVEN:GHSA-3CV4-XXV7-934Q	Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow	critical	2021-06-01T21:53:49 (3 years ago)
Fixed	= 2.7.2		CVE-2021-22160	MAVEN:GHSA-3CV4-XXV7-934Q	Improper Verification of Cryptographic Signature in Apache Pulsar in TensorFlow	critical	2021-06-01T21:53:49 (3 years ago)
Affected	>= 2.9.0, < 2.9.1 >= 2.8.0, < 2.8.2 < 2.7.5		CVE-2022-24280	MAVEN:GHSA-3MG9-M3F6-V7FQ	Proxy component of Apache Pulsar subject to abuse as Denial of Service endpoint	moderate	2022-09-25T00:00:18 (2 years ago)
Fixed	= 2.9.2 = 2.8.3 = 2.7.5		CVE-2022-24280	MAVEN:GHSA-3MG9-M3F6-V7FQ	Proxy component of Apache Pulsar subject to abuse as Denial of Service endpoint	moderate	2022-09-25T00:00:18 (2 years ago)
Affected	= 2.8.0 >= 2.7.0, <= 2.7.3 <= 2.6.4		CVE-2021-41571	MAVEN:GHSA-3WHX-QRJ5-HH2H	Improper Input Validation in Apache Pulsar	moderate	2022-02-02T00:01:52 (2 years ago)
Fixed	= 2.8.1 = 2.7.4		CVE-2021-41571	MAVEN:GHSA-3WHX-QRJ5-HH2H	Improper Input Validation in Apache Pulsar	moderate	2022-02-02T00:01:52 (2 years ago)
Affected	= 2.11.0 < 2.10.4		CVE-2023-30429	MAVEN:GHSA-G9CV-V3V4-3H8R	Apache Pulsar Incorrect Authorization vulnerability	critical	2023-07-12T12:31:36 (14 months ago)
Fixed	= 2.11.1 = 2.10.4		CVE-2023-30429	MAVEN:GHSA-G9CV-V3V4-3H8R	Apache Pulsar Incorrect Authorization vulnerability	critical	2023-07-12T12:31:36 (14 months ago)