Known vulnerabilities in Apache Foundation Apache Kafka

Website: https://www.apache.org
Total Security Bulletins: 15

Security bulletins (15)

| Security bulletin | Severity | Status | Published |
|---|---|---|---|
| SB2025082612: Deserialization of untrusted data in Apache Kafka | High | Patched | 26.08.2025 |
| SB20250704102: Deserialization of untrusted data in Apache Kafka | Medium | Patched | 04.07.2025 |
| SB2025070339: SSRF in Apache Kafka Client | High | Patched, Public exploit | 03.07.2025 |
| SB2024121826: Improper authentication in Apache Kafka SCRAM implementation | Medium | Patched | 18.12.2024 |
| SB2024080227: Incorrect authorization in Apache Kafka | Medium | Patched | 02.08.2024 |
| SB2023071946: Multiple vulnerabilities in Oracle Communications Convergent Charging Controller | High | Patched, Public exploit | 19.07.2023 |
| SB2023021101: Deserialization of untrusted data in Apache Kafka Connect | Low | Patched, Public exploit | 11.02.2023 |
| SB2022092020: Denial of service in Apache Kafka | Medium | Patched | 20.09.2022 |
| SB2021092116: Timing attack in Apache Kafka | Low | Patched | 21.09.2021 |
| SB2020011418: Information disclosure in Apache Kafka | Low | Patched | 14.01.2020 |
| SB2019120206: Apache Kafka update for jackson-databind | High | Patched | 02.12.2019 |
| SB2019071706: Security restrictions bypass in Apache Kafka | Medium | Patched | 17.07.2019 |
| SB2019061119: Denial of service in Apache Kafka | Low | Patched | 11.06.2019 |
| SB2018073108: Session hijacking in Apache Kafka | Low | Patched | 31.07.2018 |
| SB2018072621: Security restrictions bypass in Apache Kafka | Low | Patched | 26.07.2018 |