org.apache.pulsar:pulsar (Maven) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the Maven package org.apache.pulsar:pulsar, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (4)
CVE-2021-22160 — CVSS 9.8 (critical): If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not…
CVE-2023-30429 — CVSS 9.6 (critical): Incorrect Authorization vulnerability in Apache Software Foundation Apache Pulsar. This issue affects Apache Pulsar: before 2.10.4, and…
CVE-2021-41571 — CVSS 6.5 (medium): In Apache Pulsar it is possible to access data from BookKeeper that does not belong to the topics accessible by the authenticated user. The…
CVE-2022-24280 — CVSS 6.5 (medium): Improper Input Validation vulnerability in Proxy component of Apache Pulsar allows an attacker to make TCP/IP connection attempts that…