pkg:maven/org.apache.pulsar/pulsar-broker
Type
maven
Namespace
org.apache.pulsar
Name
pulsar-broker
Known advisories, vulnerabilities and fixes for org.apache.pulsar/pulsar-broker package.
High
1
Moderate
5
| Type | Version | Distribution | # CVEs | # Advisory ID | Title | Severity | Published |
|---|---|---|---|---|---|---|---|
| Affected | = 2.11.0 >= 2.9.0, < 2.10.4 |
CVE-2023-31007
|
 MAVEN:GHSA-47R2-PHR8-M8CP
|
Apache Pulsar Broker Improper Authentication vulnerability | moderate |
2023-07-12T12:31:36
(14 months ago) |
|
| Fixed | = 2.11.1 = 2.10.4 |
CVE-2023-31007
|
MAVEN:GHSA-47R2-PHR8-M8CP
|
Apache Pulsar Broker Improper Authentication vulnerability | moderate |
2023-07-12T12:31:36
(14 months ago) |
|
| Affected | >= 3.2.0, < 3.2.2 >= 3.1.0, <= 3.1.3 >= 3.0.0, < 3.0.4 >= 2.11.0, <= 2.11.4 >= 2.7.1, <= 2.10.6 |
CVE-2024-29834
|
MAVEN:GHSA-7MG2-6C6V-342R
|
Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints | moderate |
2024-04-02T21:30:27
(5 months ago) |
|
| Fixed | = 3.2.2 = 3.0.4 |
CVE-2024-29834
|
MAVEN:GHSA-7MG2-6C6V-342R
|
Apache Pulsar: Improper Authorization For Namespace and Topic Management Endpoints | moderate |
2024-04-02T21:30:27
(5 months ago) |
|
| Affected | >= 2.7.1, <= 2.10.5 >= 2.11.0, <= 2.11.3 >= 3.0.0, <= 3.0.2 >= 3.1.0, <= 3.1.2 >= 3.2.0, < 3.2.1 |
CVE-2024-28098
|
MAVEN:GHSA-G627-R579-RW35
|
Apache Pulsar: Improper Authorization For Topic-Level Policy Management | moderate |
2024-03-12T21:30:59
(6 months ago) |
|
| Fixed | = 2.10.6 = 2.11.4 = 3.0.3 = 3.1.3 = 3.2.1 |
CVE-2024-28098
|
MAVEN:GHSA-G627-R579-RW35
|
Apache Pulsar: Improper Authorization For Topic-Level Policy Management | moderate |
2024-03-12T21:30:59
(6 months ago) |
|
| Affected | = 2.11.0 >= 2.9.0, < 2.10.4 |
CVE-2023-30428
|
MAVEN:GHSA-J2R7-3RVW-G7GX
|
Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization | high |
2023-07-12T12:31:36
(14 months ago) |
|
| Fixed | = 2.11.1 = 2.10.4 |
CVE-2023-30428
|
MAVEN:GHSA-J2R7-3RVW-G7GX
|
Apache Pulsar Broker's Rest Producer vulnerable to Incorrect Authorization | high |
2023-07-12T12:31:36
(14 months ago) |
|
| Affected | = 2.10.0 >= 2.9.0, < 2.9.3 >= 2.8.0, < 2.8.4 < 2.7.5 |
CVE-2022-33683
|
MAVEN:GHSA-J3QW-G67Q-7M64
|
Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation | moderate |
2022-09-25T00:00:27
(2 years ago) |
|
| Fixed | = 2.10.1 = 2.9.3 = 2.8.4 = 2.7.5 |
CVE-2022-33683
|
MAVEN:GHSA-J3QW-G67Q-7M64
|
Apache Pulsar Brokers and Proxies vulnerable to Improper Certificate Validation | moderate |
2022-09-25T00:00:27
(2 years ago) |
|
| Affected | = 2.10.0 >= 2.9.0, < 2.9.3 >= 2.8.0, < 2.8.4 < 2.7.5 |
CVE-2022-33682
|
MAVEN:GHSA-JVF3-MFXV-JCQR
|
Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation | moderate |
2022-09-25T00:00:27
(2 years ago) |
|
| Fixed | = 2.10.1 = 2.9.3 = 2.8.4 = 2.7.5 |
CVE-2022-33682
|
MAVEN:GHSA-JVF3-MFXV-JCQR
|
Apache Pulsar Broker, Proxy, and WebSocket Proxy vulnerable to Improper Certificate Validation | moderate |
2022-09-25T00:00:27
(2 years ago) |