CVE-2023-29471

Lightbend Alpakka Kafka before 5.0.0 logs its configuration as debug information, and thus log files may contain credentials (if plain cleartext login is configured). This occurs in akka.kafka.internal.KafkaConsumerActor.
Configurations

Configuration 1 (hide)

cpe:2.3:a:lightbend:alpakka_kafka:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2023-04-27 21:15

Updated : 2024-02-28 20:13


NVD link : CVE-2023-29471

Mitre link : CVE-2023-29471

CVE.ORG link : CVE-2023-29471


JSON object : View

Products Affected

lightbend

  • alpakka_kafka
CWE
CWE-312

Cleartext Storage of Sensitive Information